CVE-2015-6299

SQL injection vulnerability in the web interface in Cisco Unity Connection 9.1(1.2) and earlier allows remote authenticated users to execute arbitrary SQL commands via a crafted POST request, aka Bug ID CSCuv63824.

Data: Cisco advisories 1 day ago · Cisco CSAF 4 hours ago · NVD CVEs 7 hours ago · NVD CPEs 1 day ago · CISA KEV 1 day ago · EPSS 1 day ago

Severity	MEDIUM
CVSS	6.5
EPSS	0.29% EPSS medium
CWE	CWE-89
KEV
Published	10 years ago
Modified	2 weeks ago

Products with public affected evidence

Product	Advisory	Affected evidence
Cisco Unity Connection	Cisco-SA-20150918-CVE-2015-6299	structured affected CSAF product_status