CSRF Vulnerabilities in Cisco Secure Access Control Server (ACS) 5.2 Allow Authentication Hijacking (Bug ID CSCtr78143)

CSRF Vulnerabilities in Cisco Secure Access Control Server (ACS) 5.2 Allow Authentication Hijacking (Bug ID CSCtr78143)

CVE-2011-3293 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Multiple cross-site request forgery (CSRF) vulnerabilities in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.2 allow remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting (XSS) sequences, aka Bug ID CSCtr78143.

Learn more about our Cis Benchmark Audit For Cisco.