Lucene search

CiscoCVE-2015-4254

HistoryJul 10, 2015 - 5:59 p.m.

CVE-2015-4254

2015-07-1017:59:02

CWE-352

cisco

web.nvd.nist.gov

cve-2015-4254

csrf

vulnerability

cisco

telepresence

advanced media gateway

nvd

cisco bug id cscuu90732

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.6

Confidence

Low

EPSS

0.001

Percentile

44.2%

JSON

Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence Advanced Media Gateway devices with software 1.1(1.40) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu90732.

Affected configurations

Nvd

Node

ciscotelepresence_advanced_media_gatewayMatch1.1\(1.40\)

VendorProductVersionCPE
ciscotelepresence_advanced_media_gateway1.1(1.40)cpe:2.3:a:cisco:telepresence_advanced_media_gateway:1.1\(1.40\):*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	telepresence_advanced_media_gateway	1.1(1.40)	cpe:2.3:a:cisco:telepresence_advanced_media_gateway:1.1\(1.40\):::::::*

References

tools.cisco.com/security/center/viewAlert.x?alertId=39797

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.6

Confidence

Low

EPSS

0.001

Percentile

44.2%

JSON

Related for CVE-2015-4254