CSRF in Cisco Identity_services_engine
CVE-2013-3420
Cross-site request forgery (CSRF) vulnerability in the web framework on the Cisco Identity Services Engine (ISE) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuh25506.
Vulnerability class: CSRF (Cross-Site Request Forgery)
EPSS: 0.001 (31.0th percentile) — read the EPSS interpretation.
Affected products
- Cisco Identity_services_engine
- Cisco Identity_services_engine_software
- N/a — versions n/a
Weakness classification (CWE)
References
- 20130717 Cisco Identity Services Engine Cross-Site Request Forgery Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)