ID
VAR-201301-0347
CVE
CVE-2013-1108
TITLE
Cisco WebEx Training Center Vulnerable to deleting hands-on lab session reservations
Trust: 0.8
sources:
JVNDB: JVNDB-2013-001229
DESCRIPTION
Cisco WebEx Training Center allows remote authenticated users to remove hands-on lab-session reservations via a crafted URL, aka Bug ID CSCzu81064. Attackers can exploit this issue to bypass security restrictions to perform unauthorized actions; this may aid in launching further attacks
Trust: 1.98
sources:
NVD: CVE-2013-1108 //
JVNDB: JVNDB-2013-001229 //
BID: 57487 //
VULHUB: VHN-61110
AFFECTED PRODUCTS
| vendor: | cisco | model: | webex training center | scope: | eq | version: | - | Trust: 1.6 |
| vendor: | cisco | model: | webex training center | scope: | - | version: | - | Trust: 0.8 |
| vendor: | cisco | model: | webex training center | scope: | eq | version: | 0 | Trust: 0.3 |
sources:
BID: 57487 //
JVNDB: JVNDB-2013-001229 //
CNNVD: CNNVD-201301-404 //
NVD: CVE-2013-1108
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
sources:
VULHUB: VHN-61110 //
JVNDB: JVNDB-2013-001229 //
CNNVD: CNNVD-201301-404 //
NVD: CVE-2013-1108
PROBLEMTYPE DATA
| problemtype: | CWE-264 | Trust: 1.9 |
sources:
VULHUB: VHN-61110 //
JVNDB: JVNDB-2013-001229 //
NVD: CVE-2013-1108
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-201301-404
TYPE
permissions and access control
Trust: 0.6
sources:
CNNVD: CNNVD-201301-404
CONFIGURATIONS
sources:
JVNDB: JVNDB-2013-001229
PATCH
| title: | Cisco WebEx Cancel Hands-on Lab Session Reservation | url: | http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1108 | Trust: 0.8 |
sources:
JVNDB: JVNDB-2013-001229
EXTERNAL IDS
| db: | NVD | id: | CVE-2013-1108 | Trust: 2.8 |
| db: | SECTRACK | id: | 1028014 | Trust: 1.1 |
| db: | JVNDB | id: | JVNDB-2013-001229 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201301-404 | Trust: 0.7 |
| db: | CISCO | id: | 20130115 CISCO WEBEX CANCEL HANDS-ON LAB SESSION RESERVATION | Trust: 0.6 |
| db: | BID | id: | 57487 | Trust: 0.4 |
| db: | VULHUB | id: | VHN-61110 | Trust: 0.1 |
sources:
VULHUB: VHN-61110 //
BID: 57487 //
JVNDB: JVNDB-2013-001229 //
CNNVD: CNNVD-201301-404 //
NVD: CVE-2013-1108
REFERENCES
| url: | http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2013-1108 | Trust: 2.0 |
| url: | http://www.securitytracker.com/id/1028014 | Trust: 1.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1108 | Trust: 0.8 |
| url: | http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-1108 | Trust: 0.8 |
| url: | http://www.cisco.com/en/us/products/ps10410/index.html | Trust: 0.3 |
sources:
VULHUB: VHN-61110 //
BID: 57487 //
JVNDB: JVNDB-2013-001229 //
CNNVD: CNNVD-201301-404 //
NVD: CVE-2013-1108
CREDITS
Cisco
Trust: 0.3
sources:
BID: 57487
SOURCES
| db: | VULHUB | id: | VHN-61110 |
| db: | BID | id: | 57487 |
| db: | JVNDB | id: | JVNDB-2013-001229 |
| db: | CNNVD | id: | CNNVD-201301-404 |
| db: | NVD | id: | CVE-2013-1108 |
LAST UPDATE DATE
2024-11-23T21:55:39.006000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-61110 | date: | 2013-02-02T00:00:00 |
| db: | BID | id: | 57487 | date: | 2013-01-15T00:00:00 |
| db: | JVNDB | id: | JVNDB-2013-001229 | date: | 2013-01-23T00:00:00 |
| db: | CNNVD | id: | CNNVD-201301-404 | date: | 2013-01-22T00:00:00 |
| db: | NVD | id: | CVE-2013-1108 | date: | 2024-11-21T01:48:55.313 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-61110 | date: | 2013-01-21T00:00:00 |
| db: | BID | id: | 57487 | date: | 2013-01-15T00:00:00 |
| db: | JVNDB | id: | JVNDB-2013-001229 | date: | 2013-01-23T00:00:00 |
| db: | CNNVD | id: | CNNVD-201301-404 | date: | 2013-01-22T00:00:00 |
| db: | NVD | id: | CVE-2013-1108 | date: | 2013-01-21T21:55:01.543 |