Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:61169
HistoryDec 17, 2013 - 12:00 a.m.

Cisco WebEx Training Center会话密码和访问代码泄漏漏洞

2013-12-1700:00:00
Root
www.seebug.org
11

EPSS

0.001

Percentile

48.3%

JSON

Bugtraq ID:64276
CVE ID:CVE-2013-6709

Cisco WebEx Training Center是一款互动式培训解决方案,可开展电子教学。

Cisco WebEx Training Center注册页面存在安全漏洞,允许远程未验证攻击者无需支付或者注册培训,获取付费培训的密码和访问代码。
漏洞是由于在注册和付费完成之前泄漏了培训会话信息URL,攻击者可收集此URL中的会话访问代码和密码,利用这些信息加入音频会议。
0
Cisco WebEx Training Center
厂商补丁:

Cisco

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6709

Related

cisco 1
prion 1
nvd 1
cvelist 1
cve 1
cisco
cisco
Cisco Webex Training Center Session Password and Access Code Disclosure Vulnerability
2013-12-13 19:01:01
prion
prion
Authentication flaw
2013-12-14 22:55:00
nvd
nvd
CVE-2013-6709
2013-12-14 22:55:03
cvelist
cvelist
CVE-2013-6709
2013-12-14 22:00:00
cve
cve
CVE-2013-6709
2013-12-14 22:55:03

EPSS

0.001

Percentile

48.3%

JSON
Related for SSV:61169
cisco1prion1nvd1cvelist1cve1