CVE-2015-0699: SQL Injection
First published: Wed Apr 15 2015(Updated: )
SQL injection vulnerability in the Interactive Voice Response (IVR) component in Cisco Unified Communications Manager (UCM) 10.5(1.98991.13) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCut21563.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Unified Communications Domain Manager | =10.5\(1.98991.13\) |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2015-0699?
CVE-2015-0699 is considered a high severity vulnerability due to the potential for remote SQL injection attacks.
How do I fix CVE-2015-0699?
To fix CVE-2015-0699, you should upgrade to a patched version of Cisco Unified Communications Manager that addresses the vulnerability.
What systems are affected by CVE-2015-0699?
CVE-2015-0699 specifically affects Cisco Unified Communications Manager version 10.5(1.98991.13).
What kind of attack is possible with CVE-2015-0699?
CVE-2015-0699 allows remote attackers to execute arbitrary SQL commands against the system.
When was CVE-2015-0699 published?
CVE-2015-0699 was published in 2015.
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- collector/nvd-index
- vendor/cisco
- canonical/cisco unified communications domain manager
- version/cisco unified communications domain manager/10.5\(1.98991.13\)