Published: 14/12/2013 Updated: 15/09/2016

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

The registration component in Cisco WebEx Training Center provides the training-session URL before payment is completed, which allows remote malicious users to bypass intended access restrictions and join an audio conference by entering credential fields from this URL, aka Bug ID CSCul57111.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco webex training center -

A vulnerability in the registration pages of Cisco WebEx Training Center could allow an unauthenticated, remote attacker to obtain the password and access code for a paid training without paying or registering for the training The vulnerability is due to disclosure of the training session information URL before the registration and payment are co ...

CWE-200 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6709 http://tools.cisco.com/security/center/viewAlert.x?alertId=32153 http://www.securitytracker.com/id/1029492 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20131213-CVE-2013-6709

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2013-6709

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect