| |
Vulnerability CVE-2013-3451
Published: 2013-08-05
Description: |
Multiple cross-site request forgery (CSRF) vulnerabilities in Cisco Unified Communications Manager (Unified CM) allow remote attackers to hijack the authentication of arbitrary users for requests that perform arbitrary Unified CM operations, aka Bug ID CSCui13033. |
See advisories in our WLB2 database: | Topic | Author | Date |
High |
| SEC | 10.05.2013 |
Type:
CWE-264 (Permissions, Privileges, and Access Controls)
CVSS2 => (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
6.8/10 |
6.4/10 |
8.6/10 |
Exploit range |
Attack complexity |
Authentication |
Remote |
Medium |
No required |
Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
Partial |
Partial |
References: |
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3451
|
|
|
closedb();
?>
Copyright 2024, cxsecurity.com
|
|
|