Lucene search

[email protected]CVE-2013-5471

HistorySep 05, 2013 - 3:27 a.m.

CVE-2013-5471

2013-09-0503:27:32

CWE-352

[email protected]

web.nvd.nist.gov

cisco

gss

csrf

vulnerability

web framework

authentication hijacking

nvd

cve-2013-5471

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

52.3%

JSON

Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Global Site Selector (GSS) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuh42164.

Affected configurations

NVD

Node

ciscoglobal_site_selectorMatch-

CPENameOperatorVersion
cisco:global_site_selectorcisco global site selectoreq-

CPE	Name	Operator	Version
cisco:global_site_selector	cisco global site selector	eq	-

References

osvdb.org/96823

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5471

www.securityfocus.com/bid/62166

www.securitytracker.com/id/1028985

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

52.3%

JSON

Related for CVE-2013-5471

cvelist1 nvd1 cisco1 prion1