- Description
- SQL injection vulnerability in Cisco Unified Email Interaction Manager (EIM) and Unified Web Interaction Manager (WIM) 9.0(2) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuu30028.
- Source
- ykramarz@cisco.com
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 6.8
- Impact score
- 6.4
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:P/A:P
- nvd@nist.gov
- CWE-20
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_web_and_e-mail_interaction_manager:9.0\\(2\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "250253EA-5E9C-4F9F-86EF-1E9B87FEB936"
}
],
"operator": "OR"
}
]
}
]