CVE-2013-6709

Опубликовано: 14 дек. 2013

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

The registration component in Cisco WebEx Training Center provides the training-session URL before payment is completed, which allows remote attackers to bypass intended access restrictions and join an audio conference by entering credential fields from this URL, aka Bug ID CSCul57111.

Ссылки

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6709
Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=32153
Vendor Advisory
http://www.securitytracker.com/id/1029492
Third Party Advisory
VDB Entry
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6709
Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=32153
Vendor Advisory
http://www.securitytracker.com/id/1029492
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cisco:webex_training_center:-:*:*:*:*:*:*:*

EPSS

Процентиль: 50%

0.00267

Низкий

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-5q4g-hqx9-m5x4

github

больше 3 лет назад