Cross-Site Request Forgery Vulnerability in Cisco TelePresence MCU 4500
CVE-2015-4257

Currently unrated

Key Information:

Vendor: Cisco
Status: Telepresence Mcu Software
Vendor: CVE Published:; 10 July 2015

Summary

A Cross-Site Request Forgery vulnerability exists in Cisco TelePresence MCU 4500 devices running software version 4.5(1.55). This flaw enables remote attackers to exploit the authentication process of legitimate users, which may lead to unauthorized actions and control over user sessions. Organizations using this device should take immediate measures to secure their systems and mitigate the risk of such attacks.

References

http://tools.cisco.com/security/center/viewAlert.x?alertI...

vendor-advisoryx_refsource_CISCO

http://www.securitytracker.com/id/1032838

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Jul 10, 2015
Vulnerability Reserved
Jun 4, 2015