Vulnerability Description
Cross-site request forgery (CSRF) vulnerability in the Dashboard page in the monitoring-and-report section in Cisco Secure Access Control Server Solution Engine before 5.5(0.46.5) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuj62924.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Secure Access Control Server Solution Engine | 5.4.0.46.6 |
Related Weaknesses (CWE)
References
- http://tools.cisco.com/security/center/viewAlert.x?alertId=38403Vendor Advisory
- http://www.securitytracker.com/id/1032163Third Party AdvisoryVDB Entry
- http://tools.cisco.com/security/center/viewAlert.x?alertId=38403Vendor Advisory
- http://www.securitytracker.com/id/1032163Third Party AdvisoryVDB Entry
FAQ
What is CVE-2015-0700?
CVE-2015-0700 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Cross-site request forgery (CSRF) vulnerability in the Dashboard page in the monitoring-and-report section in Cisco Secure Access Control Server Solution Engine before 5.5(0.46.5) allows remote attack...
How severe is CVE-2015-0700?
CVE-2015-0700 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-0700?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Secure Access Control Server Solution Engine.