Cross-Site Request Forgery Vulnerability in Cisco TelePresence Serial Gateway
CVE-2015-4253

Currently unrated

Key Information:

Vendor: Cisco
Status: Telepresence Serial Gateway
Vendor: CVE Published:; 10 July 2015

What is CVE-2015-4253?

A Cross-Site Request Forgery (CSRF) vulnerability exists in Cisco TelePresence Serial Gateway devices running software version 1.0(1.42). This issue allows remote attackers to impersonate authenticated users and perform unauthorized actions on their behalf. Specifically, this flaw can be exploited to hijack user authentication, leveraging the victim's session privileges, which may lead to significant security risks within the network environment. Users are encouraged to update their software to mitigate this vulnerability.

References

http://www.securitytracker.com/id/1032838

vdb-entryx_refsource_SECTRACK

http://tools.cisco.com/security/center/viewAlert.x?alertI...

vendor-advisoryx_refsource_CISCO

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 10, 2015
Vulnerability Reserved
Jun 4, 2015