2 results (0.004 seconds)

CVSS: 8.1EPSS: 0%CPEs: 51EXPL: 0

CVE-2020-3261 – Cisco Mobility Express Software Cross-Site Request Forgery Vulnerability

https://notcve.org/view.php?id=CVE-2020-3261

15 Apr 2020 — A vulnerability in the web-based management interface of Cisco Mobility Express Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web-based management interface on an affected device. An attacker could exploit this vulnerability by persuading a user with an active session on an affected device to follow a malicious link. A successful exploit could allow the at... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-mob-exp-csrf-b8tFec24 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 7.4EPSS: 0%CPEs: 24EXPL: 0

CVE-2019-15264 – Cisco Aironet Access Points and Catalyst 9100 Access Points CAPWAP Denial of Service Vulnerability

https://notcve.org/view.php?id=CVE-2019-15264

16 Oct 2019 — A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol implementation of Cisco Aironet and Catalyst 9100 Access Points (APs) could allow an unauthenticated, adjacent attacker to cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to improper resource management during CAPWAP message processing. An attacker could exploit this vulnerability by sending a high volume of legitimate wireless management fr... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-airo-capwap-dos • CWE-400: Uncontrolled Resource Consumption •