Vulnerability Description
Cisco Unified Web and E-Mail Interaction Manager 9.0(2) and 11.0(1) improperly performs authorization, which allows remote authenticated users to read or write to stored data via unspecified vectors, aka Bug ID CSCuo89056.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Unified Web And E-Mail Interaction Manager | 9.0\(2\) |
Related Weaknesses (CWE)
References
- http://tools.cisco.com/security/center/viewAlert.x?alertId=40428Vendor Advisory
- http://www.securityfocus.com/bid/76348Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1033286Third Party AdvisoryVDB Entry
- http://tools.cisco.com/security/center/viewAlert.x?alertId=40428Vendor Advisory
- http://www.securityfocus.com/bid/76348Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1033286Third Party AdvisoryVDB Entry
FAQ
What is CVE-2015-4298?
CVE-2015-4298 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Cisco Unified Web and E-Mail Interaction Manager 9.0(2) and 11.0(1) improperly performs authorization, which allows remote authenticated users to read or write to stored data via unspecified vectors, ...
How severe is CVE-2015-4298?
CVE-2015-4298 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-4298?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Unified Web And E-Mail Interaction Manager.