CVE-2015-4298

Cisco Unified Web and E-Mail Interaction Manager 9.0(2) and 11.0(1) improperly performs authorization, which allows remote authenticated users to read or write to stored data via unspecified vectors, aka Bug ID CSCuo89056.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:P/I:P/A:P
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 70%
VendorProductVersion
ciscounified_web_and_e-mail_interaction_manager
9.0\(2\)
ciscounified_web_and_e-mail_interaction_manager
11.0\(1\)
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/viewAlert.x?alertId=40428
http://www.securityfocus.com/bid/76348
http://www.securitytracker.com/id/1033286
http://tools.cisco.com/security/center/viewAlert.x?alertId=40428
http://www.securityfocus.com/bid/76348
http://www.securitytracker.com/id/1033286