Cisco IOS XE NGWC Legacy Wireless Device Manager GUI CSRF Vulnerability (cisco-sa-20190821-iosxe-ngwc-csrf)

According to its self-reported version, Cisco IOS XE Software is affected by a vulnerability in the web-based management interface of Cisco IOS XE New Generation Wireless Controller NGWC which allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack and perfor...

Cisco IOS XE Software, Catalyst, and NGWC GUI Privilege Escalation (cisco-sa-20170927-ngwc)

According to its self-reported version, Cisco IOS XE Software is affected by a privilege escalation vulnerability in the web-based Wireless Controller GUI for Cisco 5760 Wireless LAN Controllers, Cisco Catalyst 4500E Supervisor Engine 8-E Wireless Switches, and Cisco New Generation Wireless...

Cross site request forgery (csrf)

A vulnerability in the web-based management interface of Cisco IOS XE New Generation Wireless Controller NGWC could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack and perform arbitrary actions on an affected device. The vulnerability is due to...

CVE-2019-12624 Cisco IOS XE NGWC Legacy Wireless Device Manager GUI Cross-Site Request Forgery Vulnerability

A vulnerability in the web-based management interface of Cisco IOS XE New Generation Wireless Controller NGWC could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack and perform arbitrary actions on an affected device. The vulnerability is due to...

CVE-2019-12624

CVE-2019-12624 affects Cisco IOS XE NGWC (Legacy Wireless Device Manager GUI). The web-based management interface lacks CSRF protections, enabling an unauthenticated, remote attacker to coerce actions in a victim’s browser with the user’s privileges via a crafted link. Documented impact is arbitr...

CVE-2019-12624 Cisco IOS XE NGWC Legacy Wireless Device Manager GUI Cross-Site Request Forgery Vulnerability

A vulnerability in the web-based management interface of Cisco IOS XE New Generation Wireless Controller NGWC could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack and perform arbitrary actions on an affected device. The vulnerability is due to...

Input validation

A vulnerability in the web-based Wireless Controller GUI of Cisco IOS XE Software for Cisco 5760 Wireless LAN Controllers, Cisco Catalyst 4500E Supervisor Engine 8-E Wireless Switches, and Cisco New Generation Wireless Controllers NGWC 3850 could allow an authenticated, remote attacker to elevate...

Cisco IOS XE Software for Cisco 5760 WLC, Cisco Catalyst 4500E Supervisor Engine 8-E, and Cisco NGWC 3850 GUI Privilege Escalation Vulnerability

A vulnerability in the web-based Wireless Controller GUI of Cisco IOS XE Software for Cisco 5760 Wireless LAN Controllers, Cisco Catalyst 4500E Supervisor Engine 8-E Wireless Switches, and Cisco New Generation Wireless Controllers NGWC 3850 could allow an authenticated, remote attacker to elevate...