CSRF in Cisco Unified_intelligence_center
CVE-2015-4274
Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified Intelligence Center 10.0(1) and 10.6(1) allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCuu94862 and CSCuu97936.
Vulnerability class: CSRF (Cross-Site Request Forgery)
EPSS: 0.001 (31.0th percentile) — read the EPSS interpretation.
Affected products
- Cisco Unified_intelligence_center — versions 10.0\(1\), 10.6\(1\)
- N/a — versions n/a
Weakness classification (CWE)
References
- 1032962 (vdb-entry, x_refsource_SECTRACK)
- 20150715 Cisco Unified Intelligence Center Cross-Site Request Forgery Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)