2 matches found
CVE-2014-2115
Multiple cross-site request forgery CSRF vulnerabilities in CERUserServlet pages in Cisco Emergency Responder ER 8.6 and earlier allow remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCun24250...
CVE-2014-2115
CVE-2014-2115 affects Cisco Emergency Responder (ER) CERUserServlet pages in ER 8.6 and earlier. The root cause is insufficient CSRF protections, enabling unauthenticated, remote attackers to abuse an authenticated user’s session to perform unauthorized actions. Impact is session hijacking via CS...