2 matches found
CVE-2016-1470
Cross-site request forgery CSRF vulnerability in the web-based management interface on Cisco Small Business 220 devices with firmware before 1.0.1.1 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuz76230...
CVE-2016-1470
CVE-2016-1470 describes a cross-site request forgery (CSRF) in the web-based management interface of Cisco Small Business 220 Series Smart Plus Switches. Affected devices run firmware prior to 1.0.1.1. The root cause is insufficient CSRF protections, allowing an unauthenticated or remote attacker...