Lucene search

[email protected]NVD:CVE-2013-1128

HistoryFeb 15, 2013 - 12:09 p.m.

CVE-2013-1128

2013-02-1512:09:29

CWE-352

[email protected]

web.nvd.nist.gov

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.3

Confidence

Low

EPSS

0.002

Percentile

52.5%

JSON

Multiple cross-site request forgery (CSRF) vulnerabilities in the server in Cisco Unified MeetingPlace before 7.1(2.2000) allow remote attackers to hijack the authentication of unspecified victims via unknown vectors, aka Bug ID CSCuc64903. NOTE: some of these details are obtained from third party information.

Affected configurations

Nvd

Node

ciscounified_meetingplaceRange≤7.1

ciscounified_meetingplaceMatch5.4

ciscounified_meetingplaceMatch6.0

ciscounified_meetingplaceMatch6.1

ciscounified_meetingplaceMatch7.0

ciscounified_meetingplaceMatch7.0.1

ciscounified_meetingplaceMatch7.0.2

ciscounified_meetingplaceMatch7.0.2mr1

ciscounified_meetingplaceMatch7.0.3

ciscounified_meetingplaceMatch7.0.3mr2

VendorProductVersionCPE
ciscounified_meetingplace*cpe:2.3:a:cisco:unified_meetingplace:*:*:*:*:*:*:*:*
ciscounified_meetingplace5.4cpe:2.3:a:cisco:unified_meetingplace:5.4:*:*:*:*:*:*:*
ciscounified_meetingplace6.0cpe:2.3:a:cisco:unified_meetingplace:6.0:*:*:*:*:*:*:*
ciscounified_meetingplace6.1cpe:2.3:a:cisco:unified_meetingplace:6.1:*:*:*:*:*:*:*
ciscounified_meetingplace7.0cpe:2.3:a:cisco:unified_meetingplace:7.0:*:*:*:*:*:*:*
ciscounified_meetingplace7.0.1cpe:2.3:a:cisco:unified_meetingplace:7.0.1:*:*:*:*:*:*:*
ciscounified_meetingplace7.0.2cpe:2.3:a:cisco:unified_meetingplace:7.0.2:*:*:*:*:*:*:*
ciscounified_meetingplace7.0.2cpe:2.3:a:cisco:unified_meetingplace:7.0.2:mr1:*:*:*:*:*:*
ciscounified_meetingplace7.0.3cpe:2.3:a:cisco:unified_meetingplace:7.0.3:*:*:*:*:*:*:*
ciscounified_meetingplace7.0.3cpe:2.3:a:cisco:unified_meetingplace:7.0.3:mr2:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	unified_meetingplace	*	cpe:2.3:a:cisco:unified_meetingplace::::::::
cisco	unified_meetingplace	5.4	cpe:2.3:a:cisco:unified_meetingplace:5.4:::::::*
cisco	unified_meetingplace	6.0	cpe:2.3:a:cisco:unified_meetingplace:6.0:::::::*
cisco	unified_meetingplace	6.1	cpe:2.3:a:cisco:unified_meetingplace:6.1:::::::*
cisco	unified_meetingplace	7.0	cpe:2.3:a:cisco:unified_meetingplace:7.0:::::::*
cisco	unified_meetingplace	7.0.1	cpe:2.3:a:cisco:unified_meetingplace:7.0.1:::::::*
cisco	unified_meetingplace	7.0.2	cpe:2.3:a:cisco:unified_meetingplace:7.0.2:::::::*
cisco	unified_meetingplace	7.0.2	cpe:2.3:a:cisco:unified_meetingplace:7.0.2:mr1::::::
cisco	unified_meetingplace	7.0.3	cpe:2.3:a:cisco:unified_meetingplace:7.0.3:::::::*
cisco	unified_meetingplace	7.0.3	cpe:2.3:a:cisco:unified_meetingplace:7.0.3:mr2::::::

References

secunia.com/advisories/52194

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1128

tools.cisco.com/security/center/viewAlert.x?alertId=28217

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.3

Confidence

Low

EPSS

0.002

Percentile

52.5%

JSON

Related for NVD:CVE-2013-1128

cvelist1 prion1 cve1 cisco1