Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-2115

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2014-2115
Last Modified 16 Sep 2015 03:14:05
Published 04 Apr 2014 11:10:37
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-2115

Summary

Multiple cross-site request forgery (CSRF) vulnerabilities in CERUserServlet pages in Cisco Emergency Responder (ER) 8.6 and earlier allow remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCun24250.

Vulnerable Systems

Application

  • Cisco Emergency Responder 8.6


References

CONFIRM - http://tools.cisco.com/security/center/viewAlert.x?alertId=33643

CISCO - 20140403 Cisco Emergency Responder Cross-Site Request Forgery Vulnerability

SECTRACK - 1030019

BID - 66631


Last Updated: 27 May 2016 11:08:38