CVE-2015-0753

Published: May 29, 2015Modified: May 6, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

SQL injection vulnerability in Cisco Unified Email Interaction Manager (EIM) and Unified Web Interaction Manager (WIM) 9.0(2) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuu30028.

Affected (1)

Products: Cisco: Unified Web And E Mail Interaction Manager

Cisco

1 product

Unified Web And E Mail Interaction Manager

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Cisco Unified Web And E Mail Interaction Manager	Version 9.0(2)

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (4)

http://tools.cisco.com/security/center/viewAlert.x?alertId=39013

Source: psirt@cisco.com

Vendor Advisory

http://www.securitytracker.com/id/1032422

Source: psirt@cisco.com

Third Party AdvisoryVDB Entry

http://tools.cisco.com/security/center/viewAlert.x?alertId=39013

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securitytracker.com/id/1032422

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.