CyberSec.Space Logo
Back to CVE Browser

CVE-2016-6468

HIGH
8.8
CVSS Severity Score
EPSS Score0.1480%
EPSS Percentile8.38th
PublishedDec 14, 2016
Last ModifiedMay 6, 2026

Vulnerability Description

A vulnerability in the web-based management interface of Cisco Emergency Responder could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. More Information: CSCvb06663. Known Affected Releases: 11.5(1.10000.4). Known Fixed Releases: 12.0(0.98000.14).

Affected Platforms (CPE)

πŸ“¦
Cisco

Emergency Responder

= 11.5\(1.10000.4\)

References & Advisories

πŸ”— http://www.securityfocus.com/bid/94786
πŸ”— http://www.securitytracker.com/id/1037428
πŸ”— https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-cer
πŸ”— http://www.securityfocus.com/bid/94786
πŸ”— http://www.securitytracker.com/id/1037428
πŸ”— https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-cer

Related Vulnerabilities

CVE-2008-115410.0

The Disaster Recovery Framework (DRF) master server in Cisco Unified Communications products, including Unified Communications Man...

CVE-2017-67797.5

Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaborati...

CVE-2014-21156.8

Multiple cross-site request forgery (CSRF) vulnerabilities in CERUserServlet pages in Cisco Emergency Responder (ER) 8.6 and earli...

CVE-2015-64056.8

Cross-site request forgery (CSRF) vulnerability in Cisco Emergency Responder 10.5(1) and 10.5(1a) allows remote attackers to hijac...