Lucene search

[email protected]CVE-2013-1120

HistoryOct 03, 2022 - 4:14 p.m.

CVE-2013-1120

2022-10-0316:14:48

CWE-352

[email protected]

web.nvd.nist.gov

cisco

unity express

csrf

cve-2013-1120

bug id cscue35910

nvd

security vulnerabilities

remote attack

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

36.1%

JSON

Multiple cross-site request forgery (CSRF) vulnerabilities on the Cisco Unity Express with software before 8.0 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors, aka Bug ID CSCue35910.

Affected configurations

NVD

Node

ciscounity_express_softwareRange≤7.4

ciscounity_express_softwareMatch1.1.1

ciscounity_express_softwareMatch1.1.2

ciscounity_express_softwareMatch2.0

ciscounity_express_softwareMatch2.1

ciscounity_express_softwareMatch2.2

ciscounity_express_softwareMatch2.3

ciscounity_express_softwareMatch3.0

ciscounity_express_softwareMatch3.1

ciscounity_express_softwareMatch3.2

ciscounity_express_softwareMatch7.0

ciscounity_express_softwareMatch7.1

ciscounity_express_softwareMatch7.2

ciscounity_express_softwareMatch7.3

AND

ciscounity_express

CPENameOperatorVersion
cisco:unity_express_softwarecisco unity express softwarele7.4
cisco:unity_express_softwarecisco unity express softwareeq1.1.1
cisco:unity_express_softwarecisco unity express softwareeq1.1.2
cisco:unity_express_softwarecisco unity express softwareeq2.0
cisco:unity_express_softwarecisco unity express softwareeq2.1
cisco:unity_express_softwarecisco unity express softwareeq2.2
cisco:unity_express_softwarecisco unity express softwareeq2.3
cisco:unity_express_softwarecisco unity express softwareeq3.0
cisco:unity_express_softwarecisco unity express softwareeq3.1
cisco:unity_express_softwarecisco unity express softwareeq3.2

CPE	Name	Operator	Version
cisco:unity_express_software	cisco unity express software	le	7.4
cisco:unity_express_software	cisco unity express software	eq	1.1.1
cisco:unity_express_software	cisco unity express software	eq	1.1.2
cisco:unity_express_software	cisco unity express software	eq	2.0
cisco:unity_express_software	cisco unity express software	eq	2.1
cisco:unity_express_software	cisco unity express software	eq	2.2
cisco:unity_express_software	cisco unity express software	eq	2.3
cisco:unity_express_software	cisco unity express software	eq	3.0
cisco:unity_express_software	cisco unity express software	eq	3.1
cisco:unity_express_software	cisco unity express software	eq	3.2