Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:61180
HistoryDec 18, 2013 - 12:00 a.m.

Cisco WebEx Training Center email枚举漏洞

2013-12-1800:00:00
Root
www.seebug.org
12

EPSS

0.003

Percentile

65.9%

JSON

Bugtraq ID:64292
CVE ID:CVE-2013-6968

Cisco WebEx Training Center是一款互动式培训解决方案,可开展电子教学。

Cisco WebEx Training Center中的培训注册页面存在安全漏洞,允许远程未验证远程攻击者枚举注册参会者的Email地址。
漏洞是由于注册错误系哦啊系,允许用户通过判断注册过程中返回的不同消息来获取其他用户的email地址信息。攻击者发送多个注册请求可触发该漏洞。
0
Cisco WebEx Training Center
厂商补丁:

Cisco

用户可参考如下厂商提供的安全公告获得补丁信息:

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6968

Related

cvelist 1
cisco 1
nvd 1
cve 1
prion 1
cvelist
cvelist
CVE-2013-6968
2013-12-14 22:00:00
cisco
cisco
Cisco WebEx Training Center Registered Attendee Email Enumeration Vulnerability
2013-12-13 15:08:00
nvd
nvd
CVE-2013-6968
2013-12-14 22:55:14
cve
cve
CVE-2013-6968
2013-12-14 22:55:14
prion
prion
Design/Logic Flaw
2013-12-14 22:55:00

EPSS

0.003

Percentile

65.9%

JSON
Related for SSV:61180
cvelist1cisco1nvd1cve1prion1