CVE-2013-3424

high

Description

Cross-site request forgery (CSRF) vulnerability in Administration and View pages in Cisco Secure Access Control System (ACS) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCud75177.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/85625

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3424

Details

Source: Mitre, NVD

Published: 2013-07-12

Updated: 2017-08-29

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High

Detections

Analytics