CVE-2015-0702

Unrestricted file upload vulnerability in the Custom Prompts upload implementation in Cisco Unified MeetingPlace 8.6(1.9) allows remote authenticated users to execute arbitrary code by using the languageShortName parameter to upload a file that provides shell access, aka Bug ID CSCus95712.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:cisco:unified_meetingplace:8.6\(1.9\):*:*:*:*:*:*:*

History

No history.

Information

Published : 2015-04-21 02:59

Updated : 2024-02-04 18:35


NVD link : CVE-2015-0702

Mitre link : CVE-2015-0702

CVE.ORG link : CVE-2015-0702


JSON object : View

Products Affected

cisco

  • unified_meetingplace
CWE
CWE-20

Improper Input Validation

CWE-434

Unrestricted Upload of File with Dangerous Type