Lucene search
HistoryOct 30, 2015 - 10:59 a.m.
CVE-2015-6350
cve-2015-6350
sql injection
cisco
prime service catalog 11.0
remote authenticated users
arbitrary sql commands
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
8.2 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
41.4%
SQL injection vulnerability in the web framework in Cisco Prime Service Catalog 11.0 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuw50843.
Affected configurations
Node
ciscoprime_service_catalogMatch11.0_base
| CPE | Name | Operator | Version |
|---|---|---|---|
| cisco:prime_service_catalog | cisco prime service catalog | eq | 11.0_base |
Related
nvd
nvd
CVE-2015-6350
2015-10-30 10:59:08
prion
prion
Sql injection
2015-10-30 10:59:00
cvelist
cvelist
CVE-2015-6350
2015-10-30 10:00:00
cisco
cisco
Cisco Prime Service Catalog SQL Injection Vulnerability
2015-10-28 19:30:00
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
8.2 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
41.4%
Related for CVE-2015-6350