Cisco Data Center Analytics Framework CVE-2018-0146 Cross Site Request Forgery Vulnerability

Cisco Data Center Analytics Framework is prone to a cross-site request-forgery vulnerability because it fails to properly validate HTTP requests.

Exploiting this issue may allow a remote attacker to perform certain unauthorized actions and gain access to the affected application. Other attacks are also possible.

This issue is being tracked by Cisco Bug ID CSCvg45114.

Information

Bugtraq ID: 103122
Class: Design Error
CVE: CVE-2018-0146

Remote: Yes
Local: No
Published: Feb 21 2018 12:00AM
Updated: Feb 21 2018 12:00AM
Credit: Cisco
Vulnerable: Cisco Data Center Analytics Framework (DCAF) 0

Not Vulnerable:

Exploit

To exploit this issue an attacker must entice an unsuspecting victim to open a malicious URI.

References:

Cisco Homepage (Cisco )
cisco-sa-20180221-dcaf1: Cisco Data Center Analytics Framework Cross-Site Reques (Cisco)

Source: www.securityfocus.com

Exploit Collector

Search Exploit