Published: 16/09/2013 Updated: 18/10/2013

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Subscribe to Unified Meetingplace Web Conferencing

Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified MeetingPlace Solution, as used in Unified MeetingPlace Web Conferencing and Unified MeetingPlace, allows remote malicious users to hijack the authentication of arbitrary users, aka Bug IDs CSCui45209 and CSCui44674.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco unified meetingplace web conferencing -
cisco unified meetingplace

A vulnerability in the web framework code of Cisco Unified MeetingPlace Solution could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against the user of the web interface The vulnerability is due to insufficient CSRF protections An attacker could exploit this vulnerability by convincing the user ...

CWE-352 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5494 http://www.securitytracker.com/id/1029037 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20130913-CVE-2013-5494

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2013-5494

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect