Wednesday, August 2, 2017

Cisco Prime Collaboration Provisioning Tool Pervasive Cross-Site Request Forgery Vulnerability

A vulnerability in the Web UI Application of the Cisco Prime Collaboration Provisioning Tool could allow an unauthenticated, remote attacker to execute unwanted actions.

The vulnerability is due to a lack of defense against cross-site request forgery (CSRF) attacks. An attacker could exploit this vulnerability by forcing the user’s browser to perform any action authorized for that user.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://ift.tt/2wlOBzf A vulnerability in the Web UI Application of the Cisco Prime Collaboration Provisioning Tool could allow an unauthenticated, remote attacker to execute unwanted actions.

The vulnerability is due to a lack of defense against cross-site request forgery (CSRF) attacks. An attacker could exploit this vulnerability by forcing the user’s browser to perform any action authorized for that user.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
http://ift.tt/2wlOBzf
Security Impact Rating: Medium
CVE: CVE-2017-6756

from Cisco Security Advisory http://ift.tt/2wlOBzf
Posted by at

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Subscribe to: Post Comments (Atom)