CVE Daily

CVE-2014-7996

Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco In...

Medium CVSS 6.8

Overview

Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Integrated Management Controller in Cisco Unified Computing System allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuq45477.

CWE: CWE-352 Published: 2014-11-18T23:59:04.567
Risk analysis

This vulnerability is rated 🟡 MEDIUM.

  • CVSS: 6.8 (MEDIUM)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags