PT-2015-6447 · Cisco · Cisco Prime Collaboration

Publicado

2015-06-17

·

Atualizado

2016-12-07

·

CVE-2015-4188

CVSS v2.0

5.0

Média

VetorAV:N/AC:L/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions Cisco Prime Collaboration version 10.5(1)
Description A SQL injection issue in the Manager interface allows remote attackers to execute arbitrary SQL commands via a crafted URL.
Recommendations For Cisco Prime Collaboration version 10.5(1), update to a version that includes the fix for Bug IDs CSCuu29910, CSCuu29928, and CSCuu59104 to resolve the issue.

Correção

SQL injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-89

Identificadores relacionados

CVE-2015-4188

Produtos afetados

Cisco Prime Collaboration