Lucene search
CiscoCVE-2013-3424HistoryJul 12, 2013 - 9:55 p.m.
CVE-2013-3424
2013-07-1221:55:01
CWE-352
cisco
web.nvd.nist.gov
25
cve-2013-3424
cisco
secure access control system
acs
csrf
vulnerability
nvd
bug id
cscud75177
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.3
Confidence
Low
EPSS
0.001
Percentile
38.6%
Cross-site request forgery (CSRF) vulnerability in Administration and View pages in Cisco Secure Access Control System (ACS) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCud75177.
Affected configurations
Node
ciscosecure_access_control_systemMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | secure_access_control_system | - | cpe:/a:cisco:secure_access_control_system:-::: |
Related
nvd
nvd
CVE-2013-3424
2013-07-12 21:55:01
cvelist
cvelist
CVE-2013-3424
2013-07-12 21:00:00
prion
prion
Cross site request forgery (csrf)
2013-07-12 21:55:00
cisco
cisco
nessus
nessus
Cisco Secure Access Control System (ACS) Multiple Vulnerabilities
2013-09-12 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.3
Confidence
Low
EPSS
0.001
Percentile
38.6%
Related for CVE-2013-3424