Cisco Data Center Analytics Framework Cross-Site Request Forgery Vulnerability

2018-02-21T16:00:00
ID CISCO-SA-20180221-DCAF1
Type cisco
Reporter Cisco
Modified 2018-02-20T16:47:33

Description

A vulnerability in the Cisco Data Center Analytics Framework application could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system.

The vulnerability is due to improper CSRF protection by the affected application. An attacker could exploit this vulnerability by persuading a user of the affected application to click a malicious link. A successful exploit could allow the attacker to submit arbitrary requests and take unauthorized actions on behalf of the user.

There are no workarounds that address this vulnerability.

This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-dcaf1 ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-dcaf1"]