Lucene search
HistoryMay 26, 2014 - 12:25 a.m.
CVE-2014-3267
cisco
security manager
csrf
vulnerability
cve-2014-3267
nvd
bug id cscuo46427
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.5 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
50.7%
Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Security Manager 4.6 and earlier allows remote attackers to hijack the authentication of arbitrary users for requests that make unspecified changes, aka Bug ID CSCuo46427.
Affected configurations
Node
ciscosecurity_managerRange≤4.6
ORciscosecurity_managerMatch4.0-
ORciscosecurity_managerMatch4.0sp1
ORciscosecurity_managerMatch4.0.1-
ORciscosecurity_managerMatch4.0.1sp1
ORciscosecurity_managerMatch4.0.1sp2
ORciscosecurity_managerMatch4.1
ORciscosecurity_managerMatch4.1sp1
ORciscosecurity_managerMatch4.1sp2
ORciscosecurity_managerMatch4.2-
ORciscosecurity_managerMatch4.2sp1
ORciscosecurity_managerMatch4.3-
ORciscosecurity_managerMatch4.3sp1
ORciscosecurity_managerMatch4.3sp2
ORciscosecurity_managerMatch4.4-
ORciscosecurity_managerMatch4.4sp1
ORciscosecurity_managerMatch4.4sp2
ORciscosecurity_managerMatch4.5
References
Social References
More
Related
nvd
nvd
CVE-2014-3267
2014-05-26 00:25:31
cisco
cisco
Cisco Security Manager Cross-Site Request Forgery Vulnerability
2014-05-21 20:07:24
prion
prion
Cross site request forgery (csrf)
2014-05-26 00:25:00
cvelist
cvelist
CVE-2014-3267
2014-05-23 22:00:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.5 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
50.7%
Related for CVE-2014-3267