A vulnerability in the Web UI Application of the Cisco Prime Collaboration Provisioning Tool up to and including 12.2 could allow an unauthenticated, remote malicious user to execute unwanted actions. The vulnerability is due to a lack of defense against cross-site request forgery (CSRF) attacks. An attacker could exploit this vulnerability by forcing the user's browser to perform any action authorized for that user. Cisco Bug IDs: CSCvc90280.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco prime collaboration provisioning 12.2 |