CVE-2015-0588

CVE

Medium

Cross-site request forgery (CSRF) vulnerability in Cisco Unified Communications Domain Manager (UCDM) 10 allows remote attackers to hijack …

CVSS

6.8

Medium

EPSS

0.01

p65

Published

2015-01-01

Updated

2015-01-01

Description

Cross-site request forgery (CSRF) vulnerability in Cisco Unified Communications Domain Manager (UCDM) 10 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuo77055.

Tags · CWE

CWE-352

CAPEC-62

CAPEC-111

CAPEC-462

CAPEC-467

Affected products

Unified_communications_domain_manager

CVSS vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Timeline

2015-01-01

Published

2015-01-01

Updated

CVSS 3.1 breakdown

Attack Vector

AV: N

Network (N)

Attack Complexity

AC: M

Medium

Authentication

Au: N

None (N)

Confidentiality Impact

C: P

Partial

Integrity Impact

I: P

Partial

Availability Impact

A: P

Partial

Exploit indicators

EPSS

0.013 · p65

Known exploited (KEV)

Known exploits — Сканер-ВС

No Сканер-ВС checks registered for this vulnerability yet.

Affected products

Cisco

Unified Communications Domain Manager

Product	Vendor	Status
unified_communications_domain_manager	*	Tracked

Source databases

CVE