CVE-2017-6756

CVE-2017-6756

Vendor N/A
Product Cisco Prime Collaboration Provisioning Tool
Weakness CWE-352 · CSRF
Published August 7, 2017
Last update August 5, 2024
View on NVD All CVEs

CVSS base score

What the vulnerability does

01Description

A vulnerability in the Web UI Application of the Cisco Prime Collaboration Provisioning Tool through 12.2 could allow an unauthenticated, remote attacker to execute unwanted actions. The vulnerability is due to a lack of defense against cross-site request forgery (CSRF) attacks. An attacker could exploit this vulnerability by forcing the user's browser to perform any action authorized for that user. Cisco Bug IDs: CSCvc90280.

Key dates

02Disclosure timeline

August 7, 2017 CVE published
August 5, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2024-25932 WordPress Change Table Prefix plugin <= 2.0 - Cross Site Request Forgery (CSRF) vulnerability CVE-2020-36669 JetBackup – WP Backup, Migrate & Restore <= 1.3.9 - Cross-Site Request Forgery to Arbitrary File Upload CVE-2022-47136 WordPress Ninja Tables Plugin <= 4.3.4 is vulnerable to Cross Site Request Forgery (CSRF) CVE-2023-2746 Rockwell Automation Enhanced HIM Vulnerable to Cross-Site Request Forgery Attack CVE-2022-29413 WordPress Hermit 音乐播放器 plugin <= 3.1.6 - Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) vulnerability