CVE-2015-0651

Cross-site request forgery (CSRF) vulnerability in the web GUI in Cisco Application Networking Manager (ANM), and Device Manager (DM) on Cisco 4710 Application Control Engine (ACE) appliances, allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuo99753.
CSRF
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 34%
VendorProductVersion
ciscoapplication_networking_manager
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0651
http://www.securityfocus.com/bid/72796
http://www.securitytracker.com/id/1031815
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0651
http://www.securityfocus.com/bid/72796
http://www.securitytracker.com/id/1031815