Release date:
Updated on:
Affected Systems:
Cisco Prime Infrastructure 1.x
Cisco Prime Infrastructure
Description:
--------------------------------------------------------------------------------
CVE (CAN) ID: CVE-2013-1153
Cisco Prime Infrastructure is a solution for wireless management through Cisco technology LMS and NCS.
Because malicious HTTP requests are not verified, Cisco Prime Infrastructure allows users to perform some unauthorized operations through cross-site request forgery attacks.
<* Source: vendor
Link: http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1153
Http://secunia.com/advisories/52495/
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Cisco
-----
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
Http://www.cisco.com/go/psirt