CyberSec.Space Logo
Back to CVE Browser

CVE-2015-6405

MEDIUM
6.8
CVSS Severity Score
EPSS Score0.0480%
EPSS Percentile40.93th
PublishedDec 13, 2015
Last ModifiedMay 6, 2026

Vulnerability Description

Cross-site request forgery (CSRF) vulnerability in Cisco Emergency Responder 10.5(1) and 10.5(1a) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuv26501.

Affected Platforms (CPE)

πŸ“¦
Cisco

Emergency Responder

= 10.5\(1a\)

References & Advisories

πŸ”— http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-cers
πŸ”— http://www.securityfocus.com/bid/78812
πŸ”— http://www.securitytracker.com/id/1034385
πŸ”— http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-cers
πŸ”— http://www.securityfocus.com/bid/78812
πŸ”— http://www.securitytracker.com/id/1034385

Related Vulnerabilities

CVE-2008-115410.0

The Disaster Recovery Framework (DRF) master server in Cisco Unified Communications products, including Unified Communications Man...

CVE-2016-64688.8

A vulnerability in the web-based management interface of Cisco Emergency Responder could allow an unauthenticated, remote attacker...

CVE-2017-67797.5

Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaborati...

CVE-2014-21156.8

Multiple cross-site request forgery (CSRF) vulnerabilities in CERUserServlet pages in Cisco Emergency Responder (ER) 8.6 and earli...