CVE-2013-3395

Cross-site request forgery (CSRF) vulnerability in the web framework on Cisco IronPort Web Security Appliance (WSA) devices, Email Security Appliance (ESA) devices, and Content Security Management Appliance (SMA) devices allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCuh70263, CSCuh70323, and CSCuh26634.

Severity	MEDIUM
CVSS	6.8
CWE	CWE-352
KEV
Published	12 years ago
Modified	2 weeks ago

Related Products

Product	Advisory
Cisco Web Security Appliance (WSA)	Cisco-SA-20130701-CVE-2013-3395
Cisco Secure Web Appliance	Cisco-SA-20130701-CVE-2013-3395
Cisco Secure Email and Web Manager	Cisco-SA-20130701-CVE-2013-3395
Cisco Secure Email	Cisco-SA-20130701-CVE-2013-3395
Cisco Email Security Appliance (ESA)	Cisco-SA-20130701-CVE-2013-3395
Cisco Content Security Management Appliance (SMA)	Cisco-SA-20130701-CVE-2013-3395