CVE-2015-0702

Unrestricted file upload vulnerability in the Custom Prompts upload implementation in Cisco Unified MeetingPlace 8.6(1.9) allows remote authenticated users to execute arbitrary code by using the languageShortName parameter to upload a file that provides shell access, aka Bug ID CSCus95712.

Severity	HIGH
CVSS	9.0
EPSS	1.68% EPSS medium
CWE	CWE-20
KEV
Published	11 years ago
Modified	2 weeks ago

Public Affected Products

Product	Advisory	Evidence
Cisco Unified MeetingPlace	Cisco-SA-20150420-CVE-2015-0702	Cisco CSAF · structured affected