Vulnerability Description
Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified MeetingPlace Solution, as used in Unified MeetingPlace Web Conferencing and Unified MeetingPlace, allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCui45209 and CSCui44674.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Unified Meetingplace | All versions |
| Cisco | Unified Meetingplace Web Conferencing | - |
Related Weaknesses (CWE)
References
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5494Vendor Advisory
- http://www.securitytracker.com/id/1029037
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5494Vendor Advisory
- http://www.securitytracker.com/id/1029037
FAQ
What is CVE-2013-5494?
CVE-2013-5494 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified MeetingPlace Solution, as used in Unified MeetingPlace Web Conferencing and Unified MeetingPlace, allows remote at...
How severe is CVE-2013-5494?
CVE-2013-5494 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-5494?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Unified Meetingplace, Cisco Unified Meetingplace Web Conferencing.