Lucene search
HistoryMay 02, 2012 - 10:09 a.m.
CVE-2011-3293
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
6.5
Confidence
High
EPSS
0.001
Percentile
49.1%
Multiple cross-site request forgery (CSRF) vulnerabilities in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.2 allow remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting (XSS) sequences, aka Bug ID CSCtr78143.
Affected configurations
Node
ciscosecure_access_control_serverMatch5.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | secure_access_control_server | 5.2 | cpe:2.3:h:cisco:secure_access_control_server:5.2:*:*:*:*:*:*:* |
Related
ptsecurity
ptsecurity
prion
prion
Cross site request forgery (csrf)
2012-05-02 10:09:00
cve
cve
CVE-2011-3293
2012-05-02 10:09:21
cvelist
cvelist
CVE-2011-3293
2012-05-02 10:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
6.5
Confidence
High
EPSS
0.001
Percentile
49.1%
Related for NVD:CVE-2011-3293