CVE-2013-6709: Infoleak
First published: Sat Dec 14 2013(Updated: )
The registration component in Cisco WebEx Training Center provides the training-session URL before payment is completed, which allows remote attackers to bypass intended access restrictions and join an audio conference by entering credential fields from this URL, aka Bug ID CSCul57111.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco WebEx Training Center |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2013-6709?
CVE-2013-6709 is classified as a medium severity vulnerability.
How do I fix CVE-2013-6709?
To fix CVE-2013-6709, users should update to the latest version of Cisco WebEx Training Center.
Who is affected by CVE-2013-6709?
CVE-2013-6709 affects users of Cisco WebEx Training Center.
What type of vulnerability is CVE-2013-6709?
CVE-2013-6709 is a security vulnerability that allows unauthorized access to audio conferences.
Can CVE-2013-6709 be exploited remotely?
Yes, CVE-2013-6709 can be exploited by remote attackers without requiring local access.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/description
- agent/references
- agent/last-modified-date
- agent/author
- agent/event
- agent/tags
- agent/first-publish-date
- agent/source
- vendor/cisco
- canonical/cisco webex training center