CVE-2014-2115

Cisco Emergency Responder < 8.6 - Cross-Site Request Forgery in CERUserServlet Pages

Title source: llm
STIX 2.1

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in CERUserServlet pages in Cisco Emergency Responder (ER) 8.6 and earlier allow remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCun24250.

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1030019
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/66631

Scores

EPSS 0.0065
EPSS Percentile 46.7%

Details

CWE
CWE-352
Status published
Products (1)
cisco/emergency_responder < 8.6
Published Apr 04, 2014
Tracked Since Feb 18, 2026