Lucene search
PRIOn knowledge basePRION:CVE-2019-12624HistoryAug 21, 2019 - 7:15 p.m.
Cross site request forgery (csrf)
2019-08-2119:15:00
PRIOn knowledge base
www.prio-n.com
4
A vulnerability in the web-based management interface of Cisco IOS XE New Generation Wireless Controller (NGWC) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF protections for the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user of the interface to follow a crafted link. A successful exploit could allow the attacker to perform arbitrary actions on an affected device by using a web browser and with the privileges of the user.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ios_xe | eq | >= 3.0.xe AND <= 3.11.xe |
Related
cve
cve
CVE-2019-12624
2019-08-21 19:15:13
exploitpack
exploitpack
Cisco Wireless Controller 3.6.10E - Cross-Site Request Forgery
2019-07-24 00:00:00
nvd
nvd
CVE-2019-12624
2019-08-21 19:15:13
nessus
nessus
cvelist
cvelist
cisco
cisco
exploitdb
exploitdb
Cisco Wireless Controller 3.6.10E - Cross-Site Request Forgery
2019-07-24 00:00:00