Vulnerability Description
The Event Center module in Cisco WebEx Meetings Server does not perform request authentication in all intended circumstances, which allows remote attackers to discover host keys and event passwords via crafted URLs, aka Bug ID CSCue62485.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Webex Meetings Server | - |
Related Weaknesses (CWE)
References
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1205Vendor Advisory
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1205Vendor Advisory
FAQ
What is CVE-2013-1205?
CVE-2013-1205 is a vulnerability with a CVSS score of 4.3 (MEDIUM). The Event Center module in Cisco WebEx Meetings Server does not perform request authentication in all intended circumstances, which allows remote attackers to discover host keys and event passwords vi...
How severe is CVE-2013-1205?
CVE-2013-1205 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-1205?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Webex Meetings Server.