CSRF Vulnerability in Cisco Unified MeetingPlace 8.6(1.9) SOAP API Endpoints

CSRF Vulnerability in Cisco Unified MeetingPlace 8.6(1.9) SOAP API Endpoints

CVE-2015-0705 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Cross-site request forgery (CSRF) vulnerability in the SOAP API endpoints of the web-services directory in Cisco Unified MeetingPlace 8.6(1.9) allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts, aka Bug ID CSCus97494.

Learn more about our Cis Benchmark Audit For Cisco.