CVE-2011-3293

Cisco Secure Access Control Server - Cross-Site Request Forgery

Title source: llm
STIX 2.1

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.2 allow remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting (XSS) sequences, aka Bug ID CSCtr78143.

References (3)

Core 3
Core References
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/49101
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/53436

Scores

EPSS 0.0113
EPSS Percentile 62.5%

Details

CWE
CWE-352
Status published
Products (1)
cisco/secure_access_control_server 5.2
Published May 02, 2012
Tracked Since Feb 18, 2026