CVE-2014-2115 Information

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in CERUserServlet pages in Cisco Emergency Responder (ER) 8.6 and earlier allow remote attackers to hijack the authentication of arbitrary users aka Bug ID CSCun24250.

Reference

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2115 http://tools.cisco.com/security/center/viewAlert.x?alertId=33643 http://www.securityfocus.com/bid/66631 http://www.securitytracker.com/id/1030019