CSRF in Cisco Identity_services_engine
CVE-2012-3908
Multiple cross-site request forgery (CSRF) vulnerabilities in the ISE Administrator user interface (aka the Apache Tomcat interface) on Cisco Identity Services Engine (ISE) 3300 series appliances before 1.1.0.665 Cumulative Patch 1 allow r…
Vulnerability class: CSRF (Cross-Site Request Forgery)
EPSS: 0.001 (34.2th percentile) — read the EPSS interpretation.
Affected products
- Cisco Identity_services_engine — versions 3300
- Cisco Identity_services_engine_software — versions 1.0, 1.0.4, 1.0mr
- N/a — versions n/a
Weakness classification (CWE)
References
- 50680 (x_refsource_SECUNIA, third-party-advisory)
- psirt@cisco.com (x_refsource_CONFIRM, Vendor Advisory)
- 55602 (vdb-entry, x_refsource_BID)
- psirt@cisco.com (x_refsource_MISC)