Lucene search
CiscoCVE-2013-6976HistoryDec 19, 2013 - 10:55 p.m.
CVE-2013-6976
2013-12-1922:55:04
CWE-352
cisco
web.nvd.nist.gov
21
cisco
epc3925
vulnerability
csrf
goform/quick_setup
remote attackers
authentication
administrators
password hijacking
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.6
Confidence
Low
EPSS
0.005
Percentile
75.3%
Cross-site request forgery (CSRF) vulnerability in goform/Quick_setup on Cisco EPC3925 devices allows remote attackers to hijack the authentication of administrators for requests that change a password via the Password and PasswordReEnter parameters, aka Bug ID CSCuh37496.
Affected configurations
Node
ciscoepc3925Match-
Related
cvelist
cvelist
CVE-2013-6976
2013-12-19 22:00:00
exploitdb
exploitdb
Cisco EPC3925 - Persistent Cross-Site Scripting
2013-12-21 00:00:00
Cisco EPC3925 - Cross-Site Request Forgery
2013-12-16 00:00:00
prion
prion
Cross site request forgery (csrf)
2013-12-19 22:55:00
nvd
nvd
CVE-2013-6976
2013-12-19 22:55:04
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.6
Confidence
Low
EPSS
0.005
Percentile
75.3%
Related for CVE-2013-6976