Published: 14/12/2013 Updated: 29/11/2017

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

The registration component in Cisco WebEx Training Center provides the training-session URL before e-mail confirmation is completed, which allows remote malicious users to bypass intended access restrictions and join an audio conference by entering credential fields from this URL, aka Bug ID CSCul36183.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco webex training center -

A vulnerability in the training center registration page of Cisco WebEx Training Center could allow an unauthenticated, remote attacker to attend the audio conference for a training session without having to confirm the email address The vulnerability is due to the disclosure of the training session information URL before registration is complete ...

CWE-264 http://tools.cisco.com/security/center/viewAlert.x?alertId=32157 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6965 http://www.securitytracker.com/id/1029492 http://www.securityfocus.com/bid/64281 http://osvdb.org/100911 https://exchange.xforce.ibmcloud.com/vulnerabilities/89691 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20131213-CVE-2013-6965

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2013-6965

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect