CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-3124

A vulnerability in the web-based interface of Cisco Hosted Collaboration Mediation Fulfillment (HCM-F) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections by the affected software. An attacker could exploit this vulnerability by persuading a targeted user to click a malicious link. A successful exploit could allow the attacker to send arbitrary requests that could change the password of a targeted user. An attacker could then take unauthorized actions on behalf of the targeted user.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 40.7%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.3

References

Products affected by CVE-2020-3124

Cisco » Hosted Collaboration Mediation Fulfillment » Version: N/A

cpe:2.3:a:cisco:hosted_collaboration_mediation_fulfillment:-
Cisco » Hosted Collaboration Mediation Fulfillment » Version: 10.0(1)

cpe:2.3:a:cisco:hosted_collaboration_mediation_fulfillment:10.0(1)
Cisco » Hosted Collaboration Mediation Fulfillment » Version: 10.1(1)

cpe:2.3:a:cisco:hosted_collaboration_mediation_fulfillment:10.1(1)
Cisco » Hosted Collaboration Mediation Fulfillment » Version: 10.1(2)

cpe:2.3:a:cisco:hosted_collaboration_mediation_fulfillment:10.1(2)
Cisco » Hosted Collaboration Mediation Fulfillment » Version: 10.6(1)

cpe:2.3:a:cisco:hosted_collaboration_mediation_fulfillment:10.6(1)
Cisco » Hosted Collaboration Mediation Fulfillment » Version: 10.6(1).0

cpe:2.3:a:cisco:hosted_collaboration_mediation_fulfillment:10.6(1).0
Cisco » Hosted Collaboration Mediation Fulfillment » Version: 10.6(1)_base

cpe:2.3:a:cisco:hosted_collaboration_mediation_fulfillment:10.6(1)_base
Cisco » Hosted Collaboration Mediation Fulfillment » Version: 10.6(2).0

cpe:2.3:a:cisco:hosted_collaboration_mediation_fulfillment:10.6(2).0
Cisco » Hosted Collaboration Mediation Fulfillment » Version: 10.6(2)_base

cpe:2.3:a:cisco:hosted_collaboration_mediation_fulfillment:10.6(2)_base
Cisco » Hosted Collaboration Mediation Fulfillment » Version: 10.6(3).0

cpe:2.3:a:cisco:hosted_collaboration_mediation_fulfillment:10.6(3).0
Cisco » Hosted Collaboration Mediation Fulfillment » Version: 10.6(3)_base

cpe:2.3:a:cisco:hosted_collaboration_mediation_fulfillment:10.6(3)_base
Cisco » Hosted Collaboration Mediation Fulfillment » Version: 11.5

cpe:2.3:a:cisco:hosted_collaboration_mediation_fulfillment:11.5
Cisco » Hosted Collaboration Mediation Fulfillment » Version: 11.5(1).0

cpe:2.3:a:cisco:hosted_collaboration_mediation_fulfillment:11.5(1).0
Cisco » Hosted Collaboration Mediation Fulfillment » Version: 11.5(2)

cpe:2.3:a:cisco:hosted_collaboration_mediation_fulfillment:11.5(2)
Cisco » Hosted Collaboration Mediation Fulfillment » Version: 11.5(3)

cpe:2.3:a:cisco:hosted_collaboration_mediation_fulfillment:11.5(3)
Cisco » Hosted Collaboration Mediation Fulfillment » Version: 12.5

cpe:2.3:a:cisco:hosted_collaboration_mediation_fulfillment:12.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-3124

Products

Pricing

Contact Us