CVE Database · CVE-2014-2115
CVSS v3.1
N/A
EPSS
0.64%
Published
Apr 4, 2014
Modified
May 6, 2026
Public PoC / Exploit
All weaponized →No public PoC or exploit code indexed for this CVE.
Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.
Description
Multiple cross-site request forgery (CSRF) vulnerabilities in CERUserServlet pages in Cisco Emergency Responder (ER) 8.6 and earlier allow remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCun24250.
Weaknesses (CWE)
Affected Products (1)
References (8)
