Lucene search

[email protected]CVE-2013-3438

HistoryJul 24, 2013 - 12:01 p.m.

CVE-2013-3438

2013-07-2412:01:00

CWE-264

[email protected]

web.nvd.nist.gov

cisco

unified meetingplace

web conferencing

security

vulnerability

cve-2013-3438

nvd

6.9 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

58.6%

JSON

The web framework in the server in Cisco Unified MeetingPlace Web Conferencing allows remote attackers to bypass intended access restrictions and read unspecified web pages via crafted parameters, aka Bug ID CSCuh86385.

CPENameOperatorVersion
cisco:unified_meetingplace_web_conferencingcisco unified meetingplace web conferencingeq-

CPE	Name	Operator	Version
cisco:unified_meetingplace_web_conferencing	cisco unified meetingplace web conferencing	eq	-

References

osvdb.org/95583

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3438

tools.cisco.com/security/center/viewAlert.x?alertId=30186

6.9 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

58.6%

JSON

Related for CVE-2013-3438

prion1 cvelist1 cisco1