Cross-Site Request Forgery Vulnerabilities in Cisco Unity Express

CVE-2013-1120

Summary

Cisco Unity Express prior to version 8.0 exhibits multiple vulnerabilities to cross-site request forgery (CSRF). These security flaws enable remote attackers to exploit authentication processes, potentially allowing unauthorized access to sensitive operations and information. Attackers can manipulate user sessions through various vectors, which can lead to significant breaches of security and data integrity.

References