Vulnerability Description
Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence MCU 4500 devices with software 4.5(1.55) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu90710.
CVSS Score
6.8
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Telepresence Mcu Software | 4.5\(1.55\) |
Related Weaknesses (CWE)
References
- http://tools.cisco.com/security/center/viewAlert.x?alertId=39801Vendor Advisory
- http://www.securitytracker.com/id/1032838Third Party AdvisoryVDB Entry
- http://tools.cisco.com/security/center/viewAlert.x?alertId=39801Vendor Advisory
- http://www.securitytracker.com/id/1032838Third Party AdvisoryVDB Entry
FAQ
What is CVE-2015-4257?
CVE-2015-4257 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence MCU 4500 devices with software 4.5(1.55) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu...
How severe is CVE-2015-4257?
CVE-2015-4257 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-4257?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Telepresence Mcu Software.