ID
VAR-201307-0523
TITLE
Cisco WebEx One-Click Client Password Encryption Information Disclosure Vulnerability
Trust: 0.9
DESCRIPTION
Cisco WebEx is a set of Web conferencing tools from Cisco in the United States. This tool can assist remote office staff to coordinate and cooperate. WebEx services include Web conferencing, telepresence video conferencing, and enterprise instant messaging (IM). An information disclosure vulnerability exists in the Cisco WebEx One-Click Client. An attacker could use this vulnerability to gain sensitive information, such as stored passwords, which can help launch further attacks
Trust: 0.81
AFFECTED PRODUCTS
| vendor: | cisco | model: | webex | scope: | eq | version: | 27.10 | Trust: 0.3 |
| vendor: | cisco | model: | webex | scope: | eq | version: | 26.49.32 | Trust: 0.3 |
| vendor: | cisco | model: | webex t27 sp28 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | webex t27 sp25 ep3 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | webex t27 sp23 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | webex t27 sp21 ep9 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | webex t27 sp11 ep23 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | webex t27 ld sp32 cp1 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | webex t27 ld sp32 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | webex t27 lc sp25 ep9 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | webex t27 lc sp25 ep10 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | webex t27 lb sp21 ep10 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | webex t27 l sp11 ep26 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | webex t27 fr20 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | webex t26 sp49 ep40 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | webex | scope: | eq | version: | 3.26 | Trust: 0.3 |
| vendor: | cisco | model: | webex | scope: | eq | version: | 28.4 | Trust: 0.3 |
| vendor: | cisco | model: | webex | scope: | eq | version: | 28.1.0 | Trust: 0.3 |
| vendor: | cisco | model: | webex 27lc sp22 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | webex 27lb sp21 ep3 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | cisco | model: | webex | scope: | eq | version: | 27.32.2 | Trust: 0.3 |
| vendor: | cisco | model: | webex | scope: | eq | version: | 27.32.10 | Trust: 0.3 |
| vendor: | cisco | model: | webex | scope: | eq | version: | 27.25.11 | Trust: 0.3 |
| vendor: | cisco | model: | webex | scope: | eq | version: | 27.00 | Trust: 0.3 |
| vendor: | cisco | model: | webex | scope: | eq | version: | 26.00 | Trust: 0.3 |
THREAT TYPE
local
Trust: 0.9
TYPE
information disclosure
Trust: 0.6
EXTERNAL IDS
| db: | BID | id: | 61304 | Trust: 0.9 |
| db: | CNNVD | id: | CNNVD-201307-547 | Trust: 0.6 |
REFERENCES
| url: | http://www.securityfocus.com/bid/61304 | Trust: 0.6 |
| url: | http://www.cisco.com/web/products/quad/index.html | Trust: 0.3 |
| url: | https://github.com/opensecurityresearch/onedecrypt/ | Trust: 0.3 |
| url: | http://blog.opensecurityresearch.com/2013/07/quick-reversing-webex-one-click.html | Trust: 0.3 |
CREDITS
Brad Antoniewicz of Open Security Research
Trust: 0.9
SOURCES
| db: | BID | id: | 61304 |
| db: | CNNVD | id: | CNNVD-201307-547 |
LAST UPDATE DATE
2022-05-17T02:09:06.481000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 61304 | date: | 2013-07-09T00:00:00 |
| db: | CNNVD | id: | CNNVD-201307-547 | date: | 2013-07-10T00:00:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 61304 | date: | 2013-07-09T00:00:00 |
| db: | CNNVD | id: | CNNVD-201307-547 | date: | 2013-07-10T00:00:00 |