NVD

Id
25768  
Name
CVE-2015-4298  
Description
Cisco Unified Web and E-Mail Interaction Manager 9.0(2) and 11.0(1) improperly performs authorization, which allows remote authenticated users to read or write to stored data via unspecified vectors, aka Bug ID CSCuo89056.  
Reject
 
CVSS Version
2  
CVSS Score
6.5  
Severity
Medium  
CVSS Base Score
6.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8  
CVSS Vector
(AV:N/AC:L/Au:S/C:P/I:P/A:P)  
Pub Date
2017-01-19  
Published
2015-08-19  
Modified Date
2016-12-28  
Seq
2015-4298  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
136023 25768 CVE-2015-4298 20150813 Cisco Unified Interaction Manager Web Interface Authorization Bypass Vulnerability  View
136024 25768 CVE-2015-4298 76348  View
136025 25768 CVE-2015-4298 1033286  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
9035 JVNDB-2015-004355 Cisco Unified Web and E-mail Interaction Manager における保存データを読まれる脆弱性 Cisco Unified Web and E-mail Interaction Manager は、承認を適切に実行しないため、保存データを読まれる、または書き込まれる脆弱性が存在します。 CVE-2015-4298 81523 CVE-2015-4298 25768 6.5 http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-004355.html 2015-08-13 2015-08-25 View