Lucene search

[email protected]NVD:CVE-2013-1109

HistoryJan 17, 2013 - 3:55 p.m.

CVE-2013-1109

2013-01-1715:55:01

CWE-352

[email protected]

web.nvd.nist.gov

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.2

Confidence

Low

EPSS

0.001

Percentile

38.6%

JSON

Cross-site request forgery (CSRF) vulnerability in testingLibraryAction.do in the Training Center testing library in Cisco WebEx Training Center allows remote attackers to hijack the authentication of arbitrary users for requests that delete tests, aka Bug ID CSCzu81067.

Affected configurations

Nvd

Node

ciscowebex_training_centerMatch-

VendorProductVersionCPE
ciscowebex_training_center-cpe:2.3:a:cisco:webex_training_center:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	webex_training_center	-	cpe:2.3:a:cisco:webex_training_center:-:::::::*

References

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1109

www.securitytracker.com/id/1028016

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.2

Confidence

Low

EPSS

0.001

Percentile

38.6%

JSON

Related for NVD:CVE-2013-1109

prion1 cve1 cvelist1