var-201306-0137
Vulnerability from variot
The Event Center module in Cisco WebEx Meetings Server does not perform request authentication in all intended circumstances, which allows remote attackers to discover host keys and event passwords via crafted URLs, aka Bug ID CSCue62485. Vendors have confirmed this vulnerability Bug ID CSCue62485 It is released as.Skillfully crafted by a third party URL The host key and event password may be broken through. Cisco WebEx Meetings Server is prone to an information-disclosure vulnerability. Successfully exploiting this issue may allow an attacker to obtain sensitive information that may aid in further attacks. Cisco WebEx Meetings Server 1.0 is vulnerable. Cisco WebEx is a set of Web conferencing tools developed by American Cisco (Cisco), which can assist office workers in different places to coordinate and cooperate. WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging (IM)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201306-0137",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "webex meetings server",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": null
},
{
"model": "webex meetings server",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "webex meetings server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
}
],
"sources": [
{
"db": "BID",
"id": "60373"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002904"
},
{
"db": "NVD",
"id": "CVE-2013-1205"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-117"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-1205"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "60373"
}
],
"trust": 0.3
},
"cve": "CVE-2013-1205",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2013-1205",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-61207",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-1205",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201306-117",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-61207",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61207"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002904"
},
{
"db": "NVD",
"id": "CVE-2013-1205"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-117"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Event Center module in Cisco WebEx Meetings Server does not perform request authentication in all intended circumstances, which allows remote attackers to discover host keys and event passwords via crafted URLs, aka Bug ID CSCue62485. Vendors have confirmed this vulnerability Bug ID CSCue62485 It is released as.Skillfully crafted by a third party URL The host key and event password may be broken through. Cisco WebEx Meetings Server is prone to an information-disclosure vulnerability. \nSuccessfully exploiting this issue may allow an attacker to obtain sensitive information that may aid in further attacks. \nCisco WebEx Meetings Server 1.0 is vulnerable. Cisco WebEx is a set of Web conferencing tools developed by American Cisco (Cisco), which can assist office workers in different places to coordinate and cooperate. WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging (IM)",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-1205"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002904"
},
{
"db": "BID",
"id": "60373"
},
{
"db": "VULHUB",
"id": "VHN-61207"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-1205",
"trust": 2.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002904",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201306-117",
"trust": 0.7
},
{
"db": "CISCO",
"id": "20130604 CISCO WEBEX MEETINGS SERVER INFORMATION DISCLOSURE VULNERABILITY",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "53731",
"trust": 0.6
},
{
"db": "BID",
"id": "60373",
"trust": 0.4
},
{
"db": "SEEBUG",
"id": "SSVID-60841",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-61207",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61207"
},
{
"db": "BID",
"id": "60373"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002904"
},
{
"db": "NVD",
"id": "CVE-2013-1205"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-117"
}
]
},
"id": "VAR-201306-0137",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-61207"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:30:56.993000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Cisco WebEx Meetings Server Information Disclosure Vulnerability",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2013-1205"
},
{
"title": "29578",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=29578"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-002904"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61207"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002904"
},
{
"db": "NVD",
"id": "CVE-2013-1205"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2013-1205"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1205"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-1205"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/53731"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/en/us/products/ps12732/index.html"
},
{
"trust": 0.3,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=29578"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61207"
},
{
"db": "BID",
"id": "60373"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002904"
},
{
"db": "NVD",
"id": "CVE-2013-1205"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-117"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-61207"
},
{
"db": "BID",
"id": "60373"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-002904"
},
{
"db": "NVD",
"id": "CVE-2013-1205"
},
{
"db": "CNNVD",
"id": "CNNVD-201306-117"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-06-06T00:00:00",
"db": "VULHUB",
"id": "VHN-61207"
},
{
"date": "2013-06-05T00:00:00",
"db": "BID",
"id": "60373"
},
{
"date": "2013-06-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002904"
},
{
"date": "2013-06-06T13:02:13.007000",
"db": "NVD",
"id": "CVE-2013-1205"
},
{
"date": "2013-06-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201306-117"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-06-06T00:00:00",
"db": "VULHUB",
"id": "VHN-61207"
},
{
"date": "2013-06-05T00:00:00",
"db": "BID",
"id": "60373"
},
{
"date": "2013-06-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-002904"
},
{
"date": "2013-06-06T14:34:00.280000",
"db": "NVD",
"id": "CVE-2013-1205"
},
{
"date": "2013-06-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201306-117"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201306-117"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco WebEx Meetings Server of Event Center Vulnerability to break host key and event password in module",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-002904"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201306-117"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.