CVE-2014-7996

CVE Database · CVE-2014-7996

CVE-2014-7996

· N/AModified

CVSS v3.1

N/A

EPSS

0.64%

Published

Nov 18, 2014

Modified

May 6, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Integrated Management Controller in Cisco Unified Computing System allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuq45477.

Weaknesses (CWE)

CWE-352

Affected Products (1)

cisco · unified_computing_systemvulnerable

References (10)

http://secunia.com/advisories/62565

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-7996

Vendor Advisory

http://tools.cisco.com/security/center/viewAlert.x?alertId=36456

Vendor Advisory

http://www.securityfocus.com/bid/71171

https://exchange.xforce.ibmcloud.com/vulnerabilities/98769

http://secunia.com/advisories/62565

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-7996

Vendor Advisory

http://tools.cisco.com/security/center/viewAlert.x?alertId=36456

Vendor Advisory

http://www.securityfocus.com/bid/71171

KEV Catalog EPSS Scores Vendors All CVEs