A Read-Only User Effect Change vulnerability in the Policy Builder interface of Cisco Policy Suite could allow an authenticated, remote malicious user to make policy changes in the Policy Builder interface. The vulnerability is due to insufficient authorization controls. An attacker could exploit this vulnerability by accessing the Policy Builder interface and modifying an HTTP request. A successful exploit could allow the malicious user to make changes to existing policies. Cisco Bug IDs: CSCvi35007.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco mobility_services_engine_3365_firmware 18.0.0 |
||
cisco mobility_services_engine_3355_firmware 18.0.0 |
||
cisco mobility_services_engine_3310_firmware 18.0.0 |