Lucene search
+L

23 matches found

NVD
NVD
added 2024/08/21 8:15 p.m.23 views

CVE-2024-20486

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack and perform arbitrary actions on an affected device. This vulnerability is due to insufficient CSRF...

8.8CVSS0.00266EPSS
Exploits0References1
NVD
NVD
added 2024/04/03 5:15 p.m.25 views

CVE-2024-20368

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack and perform arbitrary actions on an affected device. This vulnerability is due to insufficient CSRF...

8.8CVSS6.7AI score0.00296EPSS
Exploits0References1
Prion
Prion
added 2024/02/07 5:15 p.m.28 views

Cross site request forgery (csrf)

A vulnerability in the SOAP API of Cisco Expressway Series and Cisco TelePresence Video Communication Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. This vulnerability is due to insufficient CSRF protections for th...

5.8CVSS7.5AI score0.00603EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/02/07 4:15 p.m.44 views

CVE-2024-20255

A vulnerability in the SOAP API of Cisco Expressway Series and Cisco TelePresence Video Communication Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. This vulnerability is due to insufficient CSRF protections for th...

8.2CVSS8.5AI score0.00603EPSS
Exploits0References1
NVD
NVD
added 2023/03/23 5:15 p.m.26 views

CVE-2023-20113

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management...

8.1CVSS7.3AI score0.00261EPSS
Exploits0References1
Cisco
Cisco
added 2022/11/02 4:0 p.m.38 views

Cisco Identity Services Engine Cross-Site Request Forgery Vulnerability

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack and perform arbitrary actions on an affected device. This vulnerability is due to insufficient CSRF...

8.8CVSS9AI score0.00408EPSS
Exploits0References1
Prion
Prion
added 2022/04/21 7:15 p.m.18 views

Cross site request forgery (csrf)

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM Software and Cisco Unified CM Session Management Edition SME Software could allow an authenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected device...

6CVSS6.9AI score0.00438EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/04/15 2:20 p.m.31 views

CVE-2022-20735 Cisco SD-WAN vManage Software Cross-Site Request Forgery Vulnerability

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management...

6.5CVSS7AI score0.00467EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2021/11/04 3:35 p.m.11 views

CVE-2021-34773 Cisco Unified Communications Products Cross-Site Request Forgery Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM, Cisco Unified Communications Manager Session Management Edition Unified CM SME, and Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an unauthenticated,...

6.5CVSS7.4AI score0.00486EPSS
Exploits0References1
NVD
NVD
added 2021/02/24 8:15 p.m.13 views

CVE-2021-1227

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. This vulnerability is due to insufficient CSRF protections for the NX-API on an affected device. An attacker cou...

8.1CVSS0.00668EPSS
Exploits0References1
NVD
NVD
added 2021/01/20 8:15 p.m.40 views

CVE-2021-1257

A vulnerability in the web-based management interface of Cisco DNA Center Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack to manipulate an authenticated user into executing malicious actions without their awareness or consent. The...

8.8CVSS7.7AI score0.00836EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2021/01/20 12:0 a.m.4 views

PT-2021-1872 · Cisco · Cisco Dna Center

Name of the Vulnerable Software and Affected Versions: Cisco DNA Center Software affected versions not specified Description: A vulnerability in the web-based management interface could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack, manipulating an...

8.8CVSS7.2AI score0.00836EPSS
Exploits0References8
Prion
Prion
added 2020/09/23 1:15 a.m.12 views

Cross site request forgery (csrf)

A vulnerability in the web-based interface of Cisco Hosted Collaboration Mediation Fulfillment HCM-F could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. The vulnerability is due to insufficient CSRF protections by the affected...

4.3CVSS6.8AI score0.005EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/09/23 12:25 a.m.20 views

CVE-2020-3135 Cisco Unified Communications Manager Cross-Site Request Forgery Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Communications Manager UCM could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected device. The vulnerability is due to insufficient CSRF protections for the web-based...

6.5CVSS9AI score0.00536EPSS
Exploits0References1
Prion
Prion
added 2020/09/16 7:15 p.m.21 views

Cross site request forgery (csrf)

A vulnerability in the web-based management interface of RAD SecFlow-1v os-image SF02902.3.01.26 could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web UI on a...

9.3CVSS7.6AI score0.04663EPSS
Exploits7References2Affected Software1
Vulnrichment
Vulnrichment
added 2020/02/19 7:16 p.m.10 views

CVE-2020-3114 Cisco Data Center Network Manager Cross-Site Request Forgery Vulnerability

A vulnerability in the web-based management interface of Cisco Data Center Network Manager DCNM could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web-based...

8.8CVSS7.4AI score0.00566EPSS
Exploits0References1
Prion
Prion
added 2019/10/02 7:15 p.m.21 views

Cross site request forgery (csrf)

A vulnerability in the web-based interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition SME, Cisco Unified Communications Manager IM and Presence Unified CM IM&P Service, and Cisco Unity Connection could allow an unauthenticated, remote...

4.3CVSS6.8AI score0.00671EPSS
Exploits0References1Affected Software3
Cvelist
Cvelist
added 2019/08/21 6:5 p.m.33 views

CVE-2019-12624 Cisco IOS XE NGWC Legacy Wireless Device Manager GUI Cross-Site Request Forgery Vulnerability

A vulnerability in the web-based management interface of Cisco IOS XE New Generation Wireless Controller NGWC could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack and perform arbitrary actions on an affected device. The vulnerability is due to...

8.8CVSS8.9AI score0.18706EPSS
Exploits2References1
NVD
NVD
added 2019/03/22 8:29 p.m.20 views

CVE-2019-1764

A vulnerability in the web-based management interface of Session Initiation Protocol SIP Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack. The vulnerability is due to insufficient CSRF protections for the...

8.8CVSS8.5AI score0.00698EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/08/01 8:0 p.m.21 views

CVE-2018-0413

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF...

8.8AI score0.01231EPSS
Exploits0References3
Rows per page
Query Builder