Lucene search
CiscoCVE-2013-3472HistoryAug 29, 2013 - 12:07 p.m.
CVE-2013-3472
2013-08-2912:07:54
CWE-352
cisco
web.nvd.nist.gov
28
cve-2013-3472
csrf
elm
cisco unified communications manager
bug id cscui58210
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.4
Confidence
Low
EPSS
0.001
Percentile
38.6%
Cross-site request forgery (CSRF) vulnerability in the Enterprise License Manager (ELM) in Cisco Unified Communications Manager (CM) allows remote attackers to hijack the authentication of arbitrary users for requests that make ELM modifications, aka Bug ID CSCui58210.
Affected configurations
Node
ciscounified_communications_manager
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | unified_communications_manager | * | cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2013-3472
2013-08-29 10:00:00
nvd
nvd
CVE-2013-3472
2013-08-29 12:07:54
prion
prion
Cross site request forgery (csrf)
2013-08-29 12:07:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.4
Confidence
Low
EPSS
0.001
Percentile
38.6%
Related for CVE-2013-3472