Cross-site Request Forgery Vulnerability in Cisco Unified Intelligence Center
CVE-2015-4274

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Intelligence Center
Vendor: CVE Published:; 16 July 2015

Summary

A cross-site request forgery (CSRF) vulnerability exists in the web framework of Cisco Unified Intelligence Center versions 10.0(1) and 10.6(1). This security flaw allows remote attackers to exploit the authentication process and hijack the sessions of arbitrary users. By tricking users into clicking on malicious links or visiting compromised websites, attackers can gain unauthorized access to sensitive information and actions within the application, thereby posing a significant security risk to organizations relying on this product.

References

http://www.securitytracker.com/id/1032962

vdb-entryx_refsource_SECTRACK

http://tools.cisco.com/security/center/viewAlert.x?alertI...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Jul 16, 2015
Vulnerability Reserved
Jun 4, 2015