CVE-2011-3293

Currently unrated

Key Information:

Vendor: Cisco
Status: Secure Access Control Server
Vendor: CVE Published:; 2 May 2012

Summary

Multiple cross-site request forgery (CSRF) vulnerabilities in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.2 allow remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting (XSS) sequences, aka Bug ID CSCtr78143.

References

http://secunia.com/advisories/49101

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/53436

vdb-entryx_refsource_BID

http://www.cisco.com/web/software/282766937/37718/Acs-5-2...

x_refsource_CONFIRM

Timeline

Vulnerability published
May 2, 2012
Vulnerability Reserved
Aug 29, 2011