N/A

A vulnerability in the web-based management interface of Cisco Emergency Responder could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. More Information: CSCvb06663. Known Affected Releases: 11.5(1.10000.4). Known Fixed Releases: 12.0(0.98000.14).

N/A

N/A

Cisco Emergency Responder 跨站请求伪造漏洞

Cisco Emergency Responder（ER）是美国思科（Cisco）公司的一套IP通信系统中的应急呼叫软件。该软件提供实时定位跟踪数据库和呼叫者的位置等功能。 Cisco ER的基于Web的管理界面中存在跨站请求伪造漏洞。攻击者可利用该漏洞在目标设备上执行任意操作。

N/A

N/A