CVE-2015-4298
Cisco Unified Web and E-Mail Interaction Manager 9.0(2) and 11.0(1) - Authenticated Improper Access Control
Title source: llmDescription
Cisco Unified Web and E-Mail Interaction Manager 9.0(2) and 11.0(1) improperly performs authorization, which allows remote authenticated users to read or write to stored data via unspecified vectors, aka Bug ID CSCuo89056.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1033286
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/76348
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/viewAlert.x?alertId=40428
Scores
EPSS
0.0246
EPSS Percentile
82.4%
Details
CWE
CWE-284
Status
published
Products (2)
cisco/unified_web_and_e-mail_interaction_manager
9.0\(2\)
cisco/unified_web_and_e-mail_interaction_manager
11.0\(1\)
Published
Aug 19, 2015
Tracked Since
Feb 18, 2026