4 matches found
CVE-2014-2190
Cross-site request forgery CSRF vulnerability in the web framework in Cisco Broadcast Access Center for Telco and Wireless aka BAC-TW allows remote attackers to hijack the authentication of arbitrary users for requests that make BAC-TW changes, aka Bug IDs CSCuo23804 and CSCuo26389...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the web framework in Cisco Broadcast Access Center for Telco and Wireless aka BAC-TW allows remote attackers to hijack the authentication of arbitrary users for requests that make BAC-TW changes, aka Bug IDs CSCuo23804 and CSCuo26389...
CVE-2014-2190
Cross-site request forgery CSRF vulnerability in the web framework in Cisco Broadcast Access Center for Telco and Wireless aka BAC-TW allows remote attackers to hijack the authentication of arbitrary users for requests that make BAC-TW changes, aka Bug IDs CSCuo23804 and CSCuo26389...
CVE-2014-2190
Cisco BAC-TW’s web framework suffers a CSRF vulnerability where an unauthenticated attacker can trick an authenticated user into performing changes on the BAC-TW interface. The issue stems from insufficient CSRF protections, enabling cross-site requests that may modify BAC-TW settings. Cisco’s ad...