CVE-2018-0146 - AskarLabs CVE Database

CVE-2018-0146

Vendor N/A

Product Cisco Data Center Analytics Framework

Weakness CWE-352 · CSRF

Published February 22, 2018

Last update December 2, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A vulnerability in the Cisco Data Center Analytics Framework application could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to improper CSRF protection by the affected application. An attacker could exploit this vulnerability by persuading a user of the affected application to click a malicious link. A successful exploit could allow the attacker to submit arbitrary requests and take unauthorized actions on behalf of the user. Cisco Bug IDs: CSCvg45114.

Key dates

02Disclosure timeline

February 22, 2018 CVE published

December 2, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2018-0146 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/352.html

Related vulnerabilities

04Related CVE

CVE-2021-34773 Cisco Unified Communications Products Cross-Site Request Forgery Vulnerability CVE-2025-36411 Multiple vulnerabilities found in IBM ApplinX. CVE-2024-37939 WordPress Patricia Lite theme <= 1.2.3 - Cross Site Request Forgery (CSRF) vulnerability CVE-2024-37490 WordPress Bard theme <= 2.210 - Cross Site Request Forgery (CSRF) vulnerability CVE-2024-11641 VikBooking Hotel Booking Engine & PMS <= 1.7.2 - Cross-Site Request Forgery to Authenticated (Subscriber+) Arbitrary File Upload