Test Kennung:	1.3.6.1.4.1.25623.1.0.106859
Kategorie:	CISCO
Titel:	Cisco Prime Collaboration Assurance Cross-Site Request Forgery Vulnerability
Zusammenfassung:	A vulnerability in the web-based management interface of Cisco Prime;Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site request forgery;(CSRF) attack and perform arbitrary actions on an affected device.
Beschreibung:	Summary: A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. Vulnerability Insight: The vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a crafted link. Vulnerability Impact: A successful exploit could allow the attacker to perform arbitrary actions on a targeted device via a web browser and with the privileges of the user. Solution: See the referenced vendor advisory for a solution. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-6659 BugTraq ID: 98970 http://www.securityfocus.com/bid/98970 http://www.securitytracker.com/id/1038633
Copyright	Copyright (C) 2017 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.