PT-2013-3004 · Cisco · Cisco Webex Social
Publicado
2013-05-16
·
Atualizado
2013-05-16
·
CVE-2013-1245
CVSS v2.0
4.0
Média
| Vetor | AV:N/AC:L/Au:S/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Cisco WebEx Social (affected versions not specified)
Description
The issue concerns the user-management page in Cisco WebEx Social, where client-side validation is relied upon for certain fields, including
Screen Name, First Name, Middle Name, Last Name, Email Address, and Job Title. This allows remote authenticated users to bypass intended access restrictions by sending crafted requests.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Cisco Webex Social