CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2013-6972
https://notcve.org/view.php?id=CVE-2013-6972
Cisco WebEx Training Center allows remote attackers to discover session numbers, and bypass host approval for audio-conference attendance, by reading HTML source code, aka Bug ID CSCul57126. Cisco WebEx Training Center permite a atacantes remotos descubrir números de sesión, y evadir la aprobación de host para asistencias de audio-conference, mediante la lectura de código fuente HTML, también conocido como Bug ID CSCul57126. • http://osvdb.org/100914 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6972 http://tools.cisco.com/security/center/viewAlert.x?alertId=32145 http://www.securityfocus.com/bid/64282 http://www.securitytracker.com/id/1029492 https://exchange.xforce.ibmcloud.com/vulnerabilities/89652 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2013-6963
https://notcve.org/view.php?id=CVE-2013-6963
Cross-site scripting (XSS) vulnerability in the registration component in Cisco WebEx Training Center allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCul36207. Vulnerabilidad de XSS en el componente de registro en Cisco WebEx Training Center permite a atacantes remotos inyectar script web o HTML arbitrario a través de una URL manipulada, también conocido como Bug ID CSCul36207. • http://osvdb.org/100907 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6963 http://www.securityfocus.com/bid/64277 http://www.securitytracker.com/id/1029492 https://exchange.xforce.ibmcloud.com/vulnerabilities/89695 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2013-6969
https://notcve.org/view.php?id=CVE-2013-6969
The training-registration page in Cisco WebEx Training Center allows remote attackers to modify unspecified fields via unknown vectors, aka Bug ID CSCul35990. La página training-registration en Cisco WebEx Training Center permite a atacantes remotos modificar campos no especificados a través de vectores desconocidos, también conocido como Bug ID CSCul35990. • http://osvdb.org/101003 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6969 http://www.securityfocus.com/bid/64305 https://exchange.xforce.ibmcloud.com/vulnerabilities/89684 • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2013-6965
https://notcve.org/view.php?id=CVE-2013-6965
The registration component in Cisco WebEx Training Center provides the training-session URL before e-mail confirmation is completed, which allows remote attackers to bypass intended access restrictions and join an audio conference by entering credential fields from this URL, aka Bug ID CSCul36183. El componente de registro en Cisco WebEx Training Center proporciona la URL de sesión antes de que se complete la confirmación por e-mail, lo que permite a atacantes remotos evitar las restricciones de acceso previstos y unirse a una conferencia de audio mediante la introducción de campos de credenciales de esta URL, también conocido como Bug ID CSCul36183. • http://osvdb.org/100911 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6965 http://tools.cisco.com/security/center/viewAlert.x?alertId=32157 http://www.securityfocus.com/bid/64281 http://www.securitytracker.com/id/1029492 https://exchange.xforce.ibmcloud.com/vulnerabilities/89691 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2013-6968
https://notcve.org/view.php?id=CVE-2013-6968
Cisco WebEx Training Center provides different error messages for registration attempts depending on whether the e-mail address exists, which allows remote attackers to enumerate attendees via a series of requests, aka Bug ID CSCul36003. Cisco WebEx Training Center proporciona diferentes mensajes de error en intentos de registro dependiendo si la dirección de e-mail existe, lo que permite a atacantes remotos enumerar asistentes a través de una serie de peticiones, también conocido como Bug ID CSCul36003. • http://osvdb.org/100913 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6968 http://tools.cisco.com/security/center/viewAlert.x?alertId=32147 http://www.securitytracker.com/id/1029492 https://exchange.xforce.ibmcloud.com/vulnerabilities/89688 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •