A vulnerability in the administrative interface of Cisco Context Directory Agent (CDA) could allow an authenticated, remote malicious user to perform administrative actions. The vulnerability is due to insufficient authorization enforcement. An attacker could exploit this vulnerability by accessing an active session. An exploit could allow the malicious user to perform administrative actions. Cisco has confirmed the vulnerability in a security notice; however, software updates are not available. To exploit this vulnerability, an attacker must authenticate to a targeted device. This access requirement reduces the likelihood of a successful exploit.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco context directory agent - |