CVE-2019-1632

Name of the Vulnerable Software and Affected Versions Cisco Integrated Management Controller (IMC) (affected versions not specified)

Description A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The issue is due to insufficient CSRF protections for the web-based management interface. An attacker could exploit this by persuading a user to follow a malicious link, allowing the attacker to use a web browser and the privileges of the user to perform arbitrary actions on the affected device.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.