Lucene search
CiscoCVE-2013-3397HistoryOct 03, 2022 - 4:14 p.m.
CVE-2013-3397
2022-10-0316:14:46
CWE-352
cisco
web.nvd.nist.gov
27
cve-2013-3397
csrf
unified serviceability component
cisco unified communications manager
cucm
bug id cscuh10298
nvd
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.5
Confidence
Low
EPSS
0.001
Percentile
35.9%
Cross-site request forgery (CSRF) vulnerability in the Unified Serviceability component in Cisco Unified Communications Manager (CUCM) allows remote attackers to hijack the authentication of arbitrary users for requests that perform Unified Serviceability actions, aka Bug ID CSCuh10298.
Affected configurations
Node
ciscounified_communications_manager
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | unified_communications_manager | cpe:/a:cisco:unified_communications_manager:::: |
Related
prion
prion
Cross site request forgery (csrf)
2013-06-26 21:55:00
nvd
nvd
CVE-2013-3397
2013-06-26 21:55:04
cisco
cisco
Cisco Unified Communications Manager Unified Serviceability CSRF Vulnerability
2013-06-26 19:56:06
cvelist
cvelist
CVE-2013-3397
2022-10-03 16:14:46
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.5
Confidence
Low
EPSS
0.001
Percentile
35.9%
Related for CVE-2013-3397