CVE-2015-6350

2015-10-3010:00:00

cisco

www.cve.org

7.9 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

41.4%

JSON

SQL injection vulnerability in the web framework in Cisco Prime Service Catalog 11.0 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuw50843.

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151028-psc

www.securitytracker.com/id/1034023