[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

241641

 
 

909

 
 

192372

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2023-20180Date: (C)2023-07-12   (M)2024-02-16


A vulnerability in the web interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web interface on an affected system. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link. A successful exploit could allow the attacker to perform arbitrary actions. These actions could include joining meetings and scheduling training sessions.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 4.3CVSS Score :
Exploit Score: 2.8Exploit Score:
Impact Score: 1.4Impact Score:
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: NETWORKAccess Vector:
Attack Complexity: LOWAccess Complexity:
Privileges Required: NONEAuthentication:
User Interaction: REQUIREDConfidentiality:
Scope: UNCHANGEDIntegrity:
Confidentiality: NONEAvailability:
Integrity: LOW 
Availability: NONE 
  
Reference:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sxsscsrf-2L24bBx6

CWE    1
CWE-352

© SecPod Technologies