Vulnerability Details CVE-2014-7996
Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Integrated Management Controller in Cisco Unified Computing System allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuq45477.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 39.3%
CVSS Severity
CVSS v2 Score 6.8
References
- http://secunia.com/advisories/62565
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-7996
- http://tools.cisco.com/security/center/viewAlert.x?alertId=36456
- http://www.securityfocus.com/bid/71171
- https://exchange.xforce.ibmcloud.com/vulnerabilities/98769
- http://secunia.com/advisories/62565
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-7996
- http://tools.cisco.com/security/center/viewAlert.x?alertId=36456
- http://www.securityfocus.com/bid/71171
- https://exchange.xforce.ibmcloud.com/vulnerabilities/98769
Products affected by CVE-2014-7996
-
cpe:2.3:h:cisco:unified_computing_system:-