CVE-2015-4298

Cisco Unified Web and E-Mail Interaction Manager 9.0(2) and 11.0(1) - Authenticated Improper Access Control

Title source: llm
STIX 2.1

Description

Cisco Unified Web and E-Mail Interaction Manager 9.0(2) and 11.0(1) improperly performs authorization, which allows remote authenticated users to read or write to stored data via unspecified vectors, aka Bug ID CSCuo89056.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1033286
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/76348
Vendor Advisory vendor-advisory x_refsource_cisco
http://tools.cisco.com/security/center/viewAlert.x?alertId=40428

Scores

EPSS 0.0246
EPSS Percentile 82.4%

Details

CWE
CWE-284
Status published
Products (2)
cisco/unified_web_and_e-mail_interaction_manager 9.0\(2\)
cisco/unified_web_and_e-mail_interaction_manager 11.0\(1\)
Published Aug 19, 2015
Tracked Since Feb 18, 2026