Cross-Site Request Forgery Affecting Cisco Firepower Devices
CVE-2015-6373

Currently unrated

Key Information:

Vendor
Cisco
Status
Firepower Extensible Operating System
Vendor
CVE Published:
18 November 2015

Summary

A Cross-Site Request Forgery (CSRF) vulnerability exists in the Cisco Firepower Extensible Operating System version 1.1(1.160) intended for Firepower 9000 devices. This flaw allows remote attackers to impersonate legitimate users and potentially hijack their authentication sessions. This vulnerability can lead to unauthorized actions being executed on behalf of authenticated users without their consent.

References

http://tools.cisco.com/security/center/content/CiscoSecur...
vendor-advisoryx_refsource_CISCO

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.