Lucene search

CiscoCVE-2013-1128

HistoryFeb 15, 2013 - 12:09 p.m.

CVE-2013-1128

2013-02-1512:09:29

CWE-352

cisco

web.nvd.nist.gov

cve-2013-1128

cisco

unified meetingplace

csrf

vulnerabilities

security

nvd

bug id

cscuc64903

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.4

Confidence

Low

EPSS

0.002

Percentile

52.5%

JSON

Multiple cross-site request forgery (CSRF) vulnerabilities in the server in Cisco Unified MeetingPlace before 7.1(2.2000) allow remote attackers to hijack the authentication of unspecified victims via unknown vectors, aka Bug ID CSCuc64903. NOTE: some of these details are obtained from third party information.

Affected configurations

Nvd

Node

ciscounified_meetingplaceRange≤7.1

ciscounified_meetingplaceMatch5.4

ciscounified_meetingplaceMatch6.0

ciscounified_meetingplaceMatch6.1

ciscounified_meetingplaceMatch7.0

ciscounified_meetingplaceMatch7.0.1

ciscounified_meetingplaceMatch7.0.2

ciscounified_meetingplaceMatch7.0.2mr1

ciscounified_meetingplaceMatch7.0.3

ciscounified_meetingplaceMatch7.0.3mr2

VendorProductVersionCPE
ciscounified_meetingplace*cpe:2.3:a:cisco:unified_meetingplace:*:*:*:*:*:*:*:*
ciscounified_meetingplace5.4cpe:2.3:a:cisco:unified_meetingplace:5.4:*:*:*:*:*:*:*
ciscounified_meetingplace6.0cpe:2.3:a:cisco:unified_meetingplace:6.0:*:*:*:*:*:*:*
ciscounified_meetingplace6.1cpe:2.3:a:cisco:unified_meetingplace:6.1:*:*:*:*:*:*:*
ciscounified_meetingplace7.0cpe:2.3:a:cisco:unified_meetingplace:7.0:*:*:*:*:*:*:*
ciscounified_meetingplace7.0.1cpe:2.3:a:cisco:unified_meetingplace:7.0.1:*:*:*:*:*:*:*
ciscounified_meetingplace7.0.2cpe:2.3:a:cisco:unified_meetingplace:7.0.2:*:*:*:*:*:*:*
ciscounified_meetingplace7.0.2cpe:2.3:a:cisco:unified_meetingplace:7.0.2:mr1:*:*:*:*:*:*
ciscounified_meetingplace7.0.3cpe:2.3:a:cisco:unified_meetingplace:7.0.3:*:*:*:*:*:*:*
ciscounified_meetingplace7.0.3cpe:2.3:a:cisco:unified_meetingplace:7.0.3:mr2:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	unified_meetingplace	*	cpe:2.3:a:cisco:unified_meetingplace::::::::
cisco	unified_meetingplace	5.4	cpe:2.3:a:cisco:unified_meetingplace:5.4:::::::*
cisco	unified_meetingplace	6.0	cpe:2.3:a:cisco:unified_meetingplace:6.0:::::::*
cisco	unified_meetingplace	6.1	cpe:2.3:a:cisco:unified_meetingplace:6.1:::::::*
cisco	unified_meetingplace	7.0	cpe:2.3:a:cisco:unified_meetingplace:7.0:::::::*
cisco	unified_meetingplace	7.0.1	cpe:2.3:a:cisco:unified_meetingplace:7.0.1:::::::*
cisco	unified_meetingplace	7.0.2	cpe:2.3:a:cisco:unified_meetingplace:7.0.2:::::::*
cisco	unified_meetingplace	7.0.2	cpe:2.3:a:cisco:unified_meetingplace:7.0.2:mr1::::::
cisco	unified_meetingplace	7.0.3	cpe:2.3:a:cisco:unified_meetingplace:7.0.3:::::::*
cisco	unified_meetingplace	7.0.3	cpe:2.3:a:cisco:unified_meetingplace:7.0.3:mr2::::::

References

secunia.com/advisories/52194

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1128

tools.cisco.com/security/center/viewAlert.x?alertId=28217

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.4

Confidence

Low

EPSS

0.002

Percentile

52.5%

JSON

Related for CVE-2013-1128