NVD

Id
23160  
Name
CVE-2015-0702  
Description
Unrestricted file upload vulnerability in the Custom Prompts upload implementation in Cisco Unified MeetingPlace 8.6(1.9) allows remote authenticated users to execute arbitrary code by using the languageShortName parameter to upload a file that provides shell access, aka Bug ID CSCus95712.  
Reject
 
CVSS Version
2  
CVSS Score
9  
Severity
High  
CVSS Base Score
9  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8  
CVSS Vector
(AV:N/AC:L/Au:S/C:C/I:C/A:C)  
Pub Date
2017-01-19  
Published
2015-04-20  
Modified Date
2017-01-06  
Seq
2015-0702  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
123011 23160 CVE-2015-0702 20150420 Cisco Unified MeetingPlace Custom Prompts languageShortName Parameter Arbitrary Code Execution Vulnerability  View
123012 23160 CVE-2015-0702 1032165  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
7093 JVNDB-2015-002413 Cisco Unified MeetingPlace の Custom Prompts のアップロードの実装における任意のコードを実行される脆弱性 Cisco Unified MeetingPlace の Custom Prompts のアップロードの実装には、ファイルを無制限にアップロードされることにより、任意のコードを実行される脆弱性が存在します。 CVE-2015-0702 77913 CVE-2015-0702 23160 9 http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-002413.html 2015-04-20 2015-04-22 View