CVE-2013-6965

The registration component in Cisco WebEx Training Center provides the training-session URL before e-mail confirmation is completed, which allows remote attackers to bypass intended access restrictions and join an audio conference by entering credential fields from this URL, aka Bug ID CSCul36183.
Configurations

Configuration 1 (hide)

cpe:2.3:a:cisco:webex_training_center:-:*:*:*:*:*:*:*

History

21 Nov 2024, 02:00

Type Values Removed Values Added
References () http://osvdb.org/100911 - () http://osvdb.org/100911 -
References () http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6965 - Vendor Advisory () http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6965 - Vendor Advisory
References () http://tools.cisco.com/security/center/viewAlert.x?alertId=32157 - Vendor Advisory () http://tools.cisco.com/security/center/viewAlert.x?alertId=32157 - Vendor Advisory
References () http://www.securityfocus.com/bid/64281 - () http://www.securityfocus.com/bid/64281 -
References () http://www.securitytracker.com/id/1029492 - Third Party Advisory, VDB Entry () http://www.securitytracker.com/id/1029492 - Third Party Advisory, VDB Entry
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/89691 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/89691 -

Information

Published : 2013-12-14 22:55

Updated : 2024-11-21 02:00


NVD link : CVE-2013-6965

Mitre link : CVE-2013-6965

CVE.ORG link : CVE-2013-6965


JSON object : View

Products Affected

cisco

  • webex_training_center
CWE
CWE-264

Permissions, Privileges, and Access Controls