ID de Prueba:	1.3.6.1.4.1.25623.1.0.106859
Categoría:	CISCO
Título:	Cisco Prime Collaboration Assurance Cross-Site Request Forgery Vulnerability
Resumen:	A vulnerability in the web-based management interface of Cisco Prime;Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site request forgery;(CSRF) attack and perform arbitrary actions on an affected device.
Descripción:	Summary: A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. Vulnerability Insight: The vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a crafted link. Vulnerability Impact: A successful exploit could allow the attacker to perform arbitrary actions on a targeted device via a web browser and with the privileges of the user. Solution: See the referenced vendor advisory for a solution. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2017-6659 BugTraq ID: 98970 http://www.securityfocus.com/bid/98970 http://www.securitytracker.com/id/1038633
Copyright	Copyright (C) 2017 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.