PT-2013-3004 · Cisco · Cisco Webex Social
Published
2013-05-16
·
Updated
2013-05-16
·
CVE-2013-1245
CVSS v2.0
4.0
Medium
| Vector | AV:N/AC:L/Au:S/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Cisco WebEx Social (affected versions not specified)
Description
The issue concerns the user-management page in Cisco WebEx Social, where client-side validation is relied upon for certain fields, including
Screen Name, First Name, Middle Name, Last Name, Email Address, and Job Title. This allows remote authenticated users to bypass intended access restrictions by sending crafted requests.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cisco Webex Social