Lucene search
CiscoCVE-2015-4256HistoryJul 10, 2015 - 12:59 a.m.
CVE-2015-4256
2015-07-1000:59:03
CWE-352
cisco
web.nvd.nist.gov
24
cve-2015-4256
csrf
vulnerability
cisco telepresence
ip vcr
remote attackers
authentication
bug id cscuu90736
nvd
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.5
Confidence
Low
EPSS
0.001
Percentile
32.7%
Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence IP VCR devices with software 3.0(1.27) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu90736.
Affected configurations
Node
ciscotelepresence_ip_vcr_3.0Match1.27
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | telepresence_ip_vcr_3.0 | 1.27 | cpe:2.3:a:cisco:telepresence_ip_vcr_3.0:1.27:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2015-4256
2015-07-10 00:59:03
cvelist
cvelist
CVE-2015-4256
2015-07-10 00:00:00
prion
prion
Cross site request forgery (csrf)
2015-07-10 00:59:00
cisco
cisco
Cisco TelePresence IP VCR Cross-Site Request Forgery Vulnerability
2015-07-09 21:28:08
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.5
Confidence
Low
EPSS
0.001
Percentile
32.7%
Related for CVE-2015-4256