CVE-2015-5023
MEDIUMIBM Curam Social Program Management - SQL Injection
Title source: ruleDescription
SQL injection vulnerability in IBM Curam Social Program Management 6.1 before 6.1.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Scores
CVSS v3
5.4
EPSS
0.0013
EPSS Percentile
31.8%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Classification
CWE
CWE-89
Status
draft
Affected Products (7)
ibm/curam_social_program_management
ibm/curam_social_program_management
ibm/curam_social_program_management
ibm/curam_social_program_management
ibm/curam_social_program_management
ibm/curam_social_program_management
ibm/curam_social_program_management
Timeline
Published
Jan 03, 2016
Tracked Since
Feb 18, 2026