CVE-2015-0651

Name of the Vulnerable Software and Affected Versions Cisco Application Networking Manager (ANM) (affected versions not specified) Cisco Device Manager (DM) on Cisco 4710 Application Control Engine (ACE) appliances (affected versions not specified)

Description A cross-site request forgery (CSRF) issue in the web GUI of the affected products allows remote attackers to hijack the authentication of arbitrary users.

Recommendations For Cisco Application Networking Manager (ANM), update to a version that includes the fix for Bug ID CSCuo99753. For Cisco Device Manager (DM) on Cisco 4710 Application Control Engine (ACE) appliances, update to a version that includes the fix for Bug ID CSCuo99753. As a temporary workaround, consider implementing additional authentication measures to minimize the risk of exploitation.