Cross-Site Request Forgery in Cisco Secure Access Control Server Solution Engine
CVE-2015-0700

Currently unrated

Key Information:

Vendor
Cisco
Status
Secure Access Control Server Solution Engine
Vendor
CVE Published:
17 April 2015

Summary

A Cross-Site Request Forgery (CSRF) vulnerability exists in the Dashboard page of Cisco Secure Access Control Server Solution Engine prior to version 5.5(0.46.5). This vulnerability enables remote attackers to exploit user sessions and potentially hijack the authentication of arbitrary users, exposing sensitive information and allowing unauthorized access. It is crucial for organizations using affected versions to apply security updates and implement appropriate security measures to mitigate potential risks.

References

http://www.securitytracker.com/id/1032163
vdb-entryx_refsource_SECTRACK
http://tools.cisco.com/security/center/viewAlert.x?alertI...
vendor-advisoryx_refsource_CISCO

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.