CVE-2024-20486 | Cisco Identity Services Engine Software up to 3.3.0 Web-based Management Interface cross-site request forgery (cisco-sa-ise-csrf-y4ZUz5Rj)

Inserito da Angelo Barbosa | Ago 21, 2024 | CVE

A vulnerability classified as problematic was found in Cisco Identity Services Engine Software. This vulnerability affects unknown code of the component Web-based Management Interface. The manipulation leads to cross-site request forgery.

This vulnerability was named CVE-2024-20486. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-20486 | Cisco Identity Services Engine Software up to 3.3.0 Web-based Management Interface cross-site request forgery (cisco-sa-ise-csrf-y4ZUz5Rj)

Post correlati

CVE-2023-4220 | Chamilo LMS up to 1.11.24 bigUpload.php unrestricted upload

CVE-2024-38570 | Linux Kernel up to 6.6.32/6.8.11/6.9.2 gfs2 sd_dead_glocks use after free

CVE-2024-2731 | Mautic up to 4.4.9 access control

CVE-2024-38541 | Linux Kernel up to 6.6.32/6.8.11/6.9.2 of_modalias buffer overflow