A vulnerability in the web-based management interface of Cisco Mobility Express Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web-based management interface on an affected device. An attacker could exploit this vulnerability by persuading a user with an active session on an affected device to follow a malicious link. A successful exploit could allow the attacker to perform arbitrary actions, including modifying the configuration, with the privilege level of the user.
Metrics
Affected Vendors & Products
References
History
Fri, 15 Nov 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|

Status: PUBLISHED
Assigner: cisco
Published:
Updated: 2024-11-15T17:28:53.825Z
Reserved: 2019-12-12T00:00:00
Link: CVE-2020-3261

Updated: 2024-08-04T07:30:57.614Z

Status : Modified
Published: 2020-04-15T21:15:36.060
Modified: 2024-11-21T05:30:40.760
Link: CVE-2020-3261

No data.

No data.