First published: Fri Feb 03 2017(Updated: )
A vulnerability in the web framework of Cisco Prime Service Catalog could allow an authenticated, remote attacker to conduct a web URL redirect attack against a user who is logged in to an affected system. More Information: CSCvb21745. Known Affected Releases: 10.0_R2_tanggula.
Credit: ykramarz@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco Prime Service Catalog | =10.0\(r2\)_base |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2017-3810 is medium, with a score of 5.4.
To remediate CVE-2017-3810, it is advised to upgrade to a patched version of Cisco Prime Service Catalog.
CVE-2017-3810 allows an authenticated remote attacker to conduct a web URL redirect attack.
Cisco Prime Service Catalog version 10.0\(R2\)_base is known to be affected by CVE-2017-3810.
No, CVE-2017-3810 requires an authenticated user to be exploited.