A vulnerability in the web-based management interface of Cisco UCS Director Software and Cisco Integrated Management Controller (IMC) Supervisor Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected system. The vulnerability is due to insufficient CSRF protection by the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user of the affected interface to click a malicious link. A successful exploit could allow the attacker to perform arbitrary actions, via the user's web browser and with the user's privileges, on an affected system. Cisco Bug IDs: CSCvf71929.
Metrics
Affected Vendors & Products
References
History
Mon, 02 Dec 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2018-02-22T00:00:00
Updated: 2024-12-02T21:05:00.929Z
Reserved: 2017-11-27T00:00:00
Link: CVE-2018-0148
Vulnrichment
Updated: 2024-08-05T03:14:16.921Z
NVD
Status : Modified
Published: 2018-02-22T00:29:00.533
Modified: 2024-11-21T03:37:36.690
Link: CVE-2018-0148
Redhat
No data.