CVE-2015-0700
Cisco Secure Access Control Server Solution Engine - Cross-Site Request Forgery in Dashboard Page
Title source: llmDescription
Cross-site request forgery (CSRF) vulnerability in the Dashboard page in the monitoring-and-report section in Cisco Secure Access Control Server Solution Engine before 5.5(0.46.5) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuj62924.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1032163
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/viewAlert.x?alertId=38403
Scores
EPSS
0.0145
EPSS Percentile
70.1%
Details
CWE
CWE-352
Status
published
Products (3)
cisco/secure_access_control_server_solution_engine
5.4.0.46.6
cisco/secure_access_control_server_solution_engine
5.5.0.36
cisco/secure_access_control_server_solution_engine
5.5.0.46.4
Published
Apr 17, 2015
Tracked Since
Feb 18, 2026