Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 5:39 p.m.7 views

CVE-2019-1904

A vulnerability in the web-based UI web UI of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web UI on an affected device. An attacke...

8.8CVSS7.6AI score0.00974EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2019/07/25 12:0 a.m.28 views

Cisco IOS XE Software Web UI Cross-Site Request Forgery Vulnerability

According to its self-reported version, Cisco IOS XE Software is affected by a cross-site request forgery CSRF, which exists in the web UI of the affected device. A remote attacker can exploit this to perform arbitrary actions with the privilege level of the affected user. Please see the included...

8.8CVSS7.9AI score0.00974EPSS
Exploits0References3
CVE
CVE
added 2019/06/21 2:20 a.m.345 views

CVE-2019-1904

CVE-2019-1904 involves Cisco IOS XE Software’s web-based UI CSRF vulnerability. The issue stems from insufficient CSRF protections in the web UI when the HTTP Server feature is enabled, allowing an unauthenticated, remote attacker to coerce a logged-in user into performing arbitrary actions. If t...

8.8CVSS9.1AI score0.00974EPSS
Exploits0References1Affected Software1
ThreatPost
ThreatPost
added 2019/06/13 1:57 p.m.163 views

High-Severity Cisco Flaw in IOS XE Enables Device Takeover

Cisco has patched a high-severity vulnerability in its software for routers and switches, which could enable a remote attacker to reconfigure or execute commands on impacted devices. IOS XE, a Linux-based version of Cisco’s Internetworking Operating System IOS, is software for Cisco routers and...

6.8CVSS1.8AI score0.00974EPSS
Exploits0References6
Rows per page
Query Builder