CVE-2014-7996

Sažetak

Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Integrated Management Controller in Cisco Unified Computing System allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuq45477.

Reference

http://secunia.com/advisories/62565
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-7996
http://tools.cisco.com/security/center/viewAlert.x?alertId=36456
http://www.securityfocus.com/bid/71171
https://exchange.xforce.ibmcloud.com/vulnerabilities/98769

CVSS

Base:	6.8
Impact:	6.4
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

08-09-2017 - 01:29

Objavljeno

18-11-2014 - 23:59