Cross-Site Request Forgery Vulnerability in Cisco Unified Communications Domain Manager
CVE-2015-0588

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Communications Domain Manager
Vendor: CVE Published:; 15 January 2015

Summary

A security flaw exists in Cisco Unified Communications Domain Manager 10 that enables remote attackers to exploit cross-site request forgery vulnerabilities. This can result in unauthorized actions being performed on behalf of authenticated users without their consent, potentially leading to significant security breaches. An attacker can leverage this vulnerability to hijack user sessions and perform actions that compromise the confidentiality and integrity of the system.

References

http://www.securitytracker.com/id/1031559

vdb-entryx_refsource_SECTRACK

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://secunia.com/advisories/62352

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Jan 15, 2015
Vulnerability Reserved
Jan 7, 2015