CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2013-1169

Cisco Unified MeetingPlace Web Conferencing Server 7.x before 7.1MR1 Patch 2, 8.0 before 8.0MR1 Patch 2, and 8.5 before 8.5MR3 Patch 1, when the Remember Me option is used, does not properly verify cookies, which allows remote attackers to impersonate users via a crafted login request, aka Bug ID CSCuc64846.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 61.9%

CVSS Severity

CVSS v2 Score 9.3

References

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-mp
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-mp

Products affected by CVE-2013-1169

Cisco » Unified Meetingplace Web Conferencing Server » Version: 7.1

cpe:2.3:a:cisco:unified_meetingplace_web_conferencing_server:7.1
Cisco » Unified Meetingplace Web Conferencing Server » Version: 8.0

cpe:2.3:a:cisco:unified_meetingplace_web_conferencing_server:8.0
Cisco » Unified Meetingplace Web Conferencing Server » Version: 8.5

cpe:2.3:a:cisco:unified_meetingplace_web_conferencing_server:8.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-1169

Products

Pricing

Contact Us