CVE-2015-0700

Name of the Vulnerable Software and Affected Versions Cisco Secure Access Control Server Solution Engine versions prior to 5.5(0.46.5)

Description A cross-site request forgery (CSRF) issue exists in the Dashboard page within the monitoring-and-report section, allowing remote attackers to hijack the authentication of arbitrary users.

Recommendations For versions prior to 5.5(0.46.5), update to version 5.5(0.46.5) or later to resolve the issue. As a temporary workaround, consider restricting access to the Dashboard page in the monitoring-and-report section to minimize the risk of exploitation.