Sign-up

ID

VAR-201312-0259


CVE

CVE-2013-6970


TITLE

Cisco WebEx Meeting Center Vulnerability in which important information is obtained

Trust: 0.8

sources: JVNDB: JVNDB-2013-005571

DESCRIPTION

Cisco WebEx Meeting Center allows remote attackers to obtain sensitive information by reading verbose error messages within server responses, aka Bug ID CSCul35928. Cisco WebEx Meeting Center Contains a vulnerability in which important information is obtained. Successfully exploiting this issue may allow an attacker to obtain sensitive information that may aid in further attacks. This issue is tracked by Cisco Bug ID CSCul35928. The product invites others to join the meeting via email or instant messaging (IM), enabling online product demonstrations, information sharing, and more

Trust: 1.98

sources: NVD: CVE-2013-6970 // JVNDB: JVNDB-2013-005571 // BID: 64306 // VULHUB: VHN-66972

AFFECTED PRODUCTS

vendor:ciscomodel:webex meeting centerscope:eqversion: -

Trust: 1.6

vendor:ciscomodel:webex meeting centerscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2013-005571 // CNNVD: CNNVD-201312-280 // NVD: CVE-2013-6970

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2013-6970
value: MEDIUM

Trust: 1.0

NVD: CVE-2013-6970
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201312-280
value: MEDIUM

Trust: 0.6

VULHUB: VHN-66972
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2013-6970
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-66972
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-66972 // JVNDB: JVNDB-2013-005571 // CNNVD: CNNVD-201312-280 // NVD: CVE-2013-6970

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.9

sources: VULHUB: VHN-66972 // JVNDB: JVNDB-2013-005571 // NVD: CVE-2013-6970

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201312-280

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201312-280

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2013-005571

PATCH
title:Cisco WebEx Meeting Center Verbose Server Error Responses Vulnerabilityurl:http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6970
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2013-005571

EXTERNAL IDS
db:NVDid:CVE-2013-6970
Trust: 2.8
db:BIDid:64306
Trust: 1.4
db:OSVDBid:101002
Trust: 1.1
db:JVNDBid:JVNDB-2013-005571
Trust: 0.8
db:CNNVDid:CNNVD-201312-280
Trust: 0.7
db:CISCOid:20131213 CISCO WEBEX MEETING CENTER VERBOSE SERVER ERROR RESPONSES VULNERABILITY
Trust: 0.6
db:VULHUBid:VHN-66972
Trust: 0.1
sources:
            
            
            VULHUB: VHN-66972 // 
            
            
            
            BID: 64306 // 
            
            
            
            JVNDB: JVNDB-2013-005571 // 
            
            
            
            CNNVD: CNNVD-201312-280 // 
            
            
            
            NVD: CVE-2013-6970

REFERENCES
url:http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2013-6970
Trust: 1.7
url:http://www.securityfocus.com/bid/64306
Trust: 1.1
url:http://osvdb.org/101002
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/89708
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6970
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-6970
Trust: 0.8
url:http://www.cisco.com/
Trust: 0.3
sources:
            
            
            VULHUB: VHN-66972 // 
            
            
            
            BID: 64306 // 
            
            
            
            JVNDB: JVNDB-2013-005571 // 
            
            
            
            CNNVD: CNNVD-201312-280 // 
            
            
            
            NVD: CVE-2013-6970

CREDITS
Cisco
Trust: 0.3
sources:
            
            
            BID: 64306

SOURCES
db:VULHUBid:VHN-66972
db:BIDid:64306
db:JVNDBid:JVNDB-2013-005571
db:CNNVDid:CNNVD-201312-280
db:NVDid:CVE-2013-6970

LAST UPDATE DATE
2024-11-23T22:46:08.959000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-66972date:2017-11-29T00:00:00
db:BIDid:64306date:2013-12-13T00:00:00
db:JVNDBid:JVNDB-2013-005571date:2013-12-18T00:00:00
db:CNNVDid:CNNVD-201312-280date:2013-12-17T00:00:00
db:NVDid:CVE-2013-6970date:2024-11-21T02:00:04.957

SOURCES RELEASE DATE
db:VULHUBid:VHN-66972date:2013-12-14T00:00:00
db:BIDid:64306date:2013-12-13T00:00:00
db:JVNDBid:JVNDB-2013-005571date:2013-12-18T00:00:00
db:CNNVDid:CNNVD-201312-280date:2013-12-17T00:00:00
db:NVDid:CVE-2013-6970date:2013-12-14T22:55:14.520