CVE-2018-0270
CVSS6.8
发布时间 :2018-05-16 23:29:00
修订时间 :2018-06-20 09:01:22
NMS    

[原文]A vulnerability in the web-based management interface of Cisco IoT Field Network Director (IoT-FND) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and alter the data of existing users and groups on an affected device. The vulnerability is due to insufficient CSRF protections for the web-based management interface on an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a malicious link. A successful exploit .uii="nanceEndful eue vulnerability in t(a md, remote attacker A s u0plailege levelnterfacedevice. Ahe i. Ierfacehe inhaupsdminersrptsvu0plaileges,e vulnerabiliceEndfment('ousnew,0plailegedfucceEacety obte=" it l"CVE-rtpshtml of ex attae to folloneraability by persuadevices -->nice. AGri Director M interfaceSystem, if runnr of tsoftw.inleshegem0plaolity could a Rshegem03.0;ps on Network Director (IoT-FND, if runnr of tsoftw.inleshegem0plaolity could a Rshegem04.1.1-6 oli4.2.0-123.T FieldBug IDs:tecCvi02448.

alass="tip_text" title="注:英文原霺器翻译gle搜索(onal//e.dw API完成an[霺译 vulnera译于N缺. iv class="su sLoc ss="clr">
--d> 孔子
s="su