Lucene search
HistoryDec 03, 2015 - 3:59 a.m.
CVE-2015-6390
cve-2015-6390
cross-site scripting
xss
cisco unity connection
nvd
vulnerability
bug id cscup92741
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.8 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
49.2%
Cross-site scripting (XSS) vulnerability in the management interface in Cisco Unity Connection 9.1(1.10) allows remote attackers to inject arbitrary web script or HTML via a crafted value in a URL, aka Bug ID CSCup92741.
Affected configurations
Node
ciscounity_connectionMatch9.1\(1.10\)
| CPE | Name | Operator | Version |
|---|---|---|---|
| cisco:unity_connection | cisco unity connection | eq | 9.1\(1.10\) |
Related
cvelist
cvelist
CVE-2015-6390
2015-12-03 02:00:00
cisco
cisco
Cisco Unity Connection Cross-Site Scripting Vulnerability
2015-12-02 00:00:00
nvd
nvd
CVE-2015-6390
2015-12-03 03:59:02
prion
prion
Cross site scripting
2015-12-03 03:59:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.8 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
49.2%
Related for CVE-2015-6390