CVE-2017-6659: CSRF
First published: Tue Jun 13 2017(Updated: )
A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. More Information: CSCvc91800. Known Affected Releases: 11.5(0) 11.6.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Prime Collaboration Assurance | =11.5\(0\) | |
| Cisco Prime Collaboration Assurance | =11.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-6659?
CVE-2017-6659 is classified as a high severity vulnerability due to its potential for unauthorized actions on affected devices.
How do I fix CVE-2017-6659?
To remediate CVE-2017-6659, it is recommended to apply the security updates provided by Cisco for Prime Collaboration Assurance.
Which versions of Cisco Prime Collaboration Assurance are affected by CVE-2017-6659?
CVE-2017-6659 affects Cisco Prime Collaboration Assurance versions 11.5(0) and 11.6.
What type of attack is possible due to CVE-2017-6659?
CVE-2017-6659 allows for cross-site request forgery (CSRF) attacks, enabling unauthorized actions by attackers.
Can an unauthenticated attacker exploit CVE-2017-6659?
Yes, CVE-2017-6659 can be exploited by an unauthenticated, remote attacker.
- collector/nvd-index
- agent/severity
- agent/references
- agent/tags
- agent/event
- agent/weakness
- agent/author
- agent/type
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- vendor/cisco
- canonical/cisco prime collaboration assurance
- version/cisco prime collaboration assurance/11.5\(0\)
- version/cisco prime collaboration assurance/11.6