Cross-Site Request Forgery in Cisco Unified Communications Manager IM & Presence Service
CVE-2018-0363
8.8HIGH
Key Information:
- Vendor
Cisco
- Vendor
- CVE Published:
- 21 June 2018
What is CVE-2018-0363?
A vulnerability exists in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service, which can be exploited by an unauthenticated attacker through a CSRF attack. The flaw stems from inadequate protection against CSRF, enabling an attacker to trick a legitimate user into following a malicious link. This exploitation could result in the attacker executing arbitrary actions on the device under the user's authority, thus jeopardizing the integrity of the system.
Affected Version(s)
Cisco Unified Communications Manager IM & Presence Service unknown Cisco Unified Communications Manager IM & Presence Service unknown