CSRF in Cisco Content_security_management_appliance

CVE-2013-3395

Cross-site request forgery (CSRF) vulnerability in the web framework on Cisco IronPort Web Security Appliance (WSA) devices, Email Security Appliance (ESA) devices, and Content Security Management Appliance (SMA) devices allows remote atta…

Vulnerability class: CSRF (Cross-Site Request Forgery)

EPSS: 0.001 (31.0th percentile) — read the EPSS interpretation.

Affected products

Cisco Content_security_management_appliance
Cisco Email_security_appliance_firmware
Cisco Web_security_appliance
N/a — versions n/a

Weakness classification (CWE)

CWE-352 — Cross-Site Request Forgery (CSRF)

References

20130626 Cisco IronPort Cross-Site Request Forgery Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)