CyberSec.Space Logo
返回 CVE 浏览器

CVE-2014-2115

MEDIUM
6.8
CVSS Severity Score
EPSS Score0.1050%
EPSS Percentile42.14th
Published2014年4月4日
Last Modified2026年5月6日

Vulnerability Description

Multiple cross-site request forgery (CSRF) vulnerabilities in CERUserServlet pages in Cisco Emergency Responder (ER) 8.6 and earlier allow remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCun24250.

Affected Platforms (CPE)

📦
Cisco

Emergency Responder

<= 8.6

References & Advisories

🔗 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2115
🔗 http://tools.cisco.com/security/center/viewAlert.x?alertId=33643
🔗 http://www.securityfocus.com/bid/66631
🔗 http://www.securitytracker.com/id/1030019
🔗 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2115
🔗 http://tools.cisco.com/security/center/viewAlert.x?alertId=33643
🔗 http://www.securityfocus.com/bid/66631
🔗 http://www.securitytracker.com/id/1030019

相关漏洞威胁

CVE-2008-115410.0

The Disaster Recovery Framework (DRF) master server in Cisco Unified Communications products, including Unified Communications Man...

CVE-2016-64688.8

A vulnerability in the web-based management interface of Cisco Emergency Responder could allow an unauthenticated, remote attacker...

CVE-2017-67797.5

Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaborati...

CVE-2015-64056.8

Cross-site request forgery (CSRF) vulnerability in Cisco Emergency Responder 10.5(1) and 10.5(1a) allows remote attackers to hijac...