CVE-2013-6968
https://notcve.org/view.php?id=CVE-2013-6968
Cisco WebEx Training Center provides different error messages for registration attempts depending on whether the e-mail address exists, which allows remote attackers to enumerate attendees via a series of requests, aka Bug ID CSCul36003. Cisco WebEx Training Center proporciona diferentes mensajes de error en intentos de registro dependiendo si la dirección de e-mail existe, lo que permite a atacantes remotos enumerar asistentes a través de una serie de peticiones, también conocido como Bug ID CSCul36003. • http://osvdb.org/100913 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6968 http://tools.cisco.com/security/center/viewAlert.x?alertId=32147 http://www.securitytracker.com/id/1029492 https://exchange.xforce.ibmcloud.com/vulnerabilities/89688 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2013-6710
https://notcve.org/view.php?id=CVE-2013-6710
Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Training Center allows remote attackers to hijack the authentication of unspecified victims via unknown vectors, aka Bug ID CSCul25567. Vulnerabilidad Cross-site requets forgery (CSRF) en Cisco WeBeX Training Center permite a atacantes remotos secuestrar la autenticación de victimas no especificadas a través de vectores desconocidos, tambien conocido como Bug ID CSCul25567. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6710 http://tools.cisco.com/security/center/viewAlert.x?alertId=32154 http://www.securitytracker.com/id/1029492 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2013-6709
https://notcve.org/view.php?id=CVE-2013-6709
The registration component in Cisco WebEx Training Center provides the training-session URL before payment is completed, which allows remote attackers to bypass intended access restrictions and join an audio conference by entering credential fields from this URL, aka Bug ID CSCul57111. El componente de registro en Cisco WebEx Training Center proporciona la URL de capacitación de sesión antes de que se complete el pago, que permite a atacantes remotos evitar las restricciones de acceso previstos y unirse a una conferencia de audio mediante la introducción de campos de credenciales de esta URL, también conocido como Bug ID CSCul57111. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6709 http://tools.cisco.com/security/center/viewAlert.x?alertId=32153 http://www.securitytracker.com/id/1029492 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2013-6973
https://notcve.org/view.php?id=CVE-2013-6973
Cisco WebEx Training Center allows remote attackers to discover registration IDs via a crafted URL, aka Bug ID CSCul57121. Cisco WebEx Training Center permite a atacantes remotos descubrir IDs de registro a través de URL manipuladas, también conocido como Bug ID CSCul57121. • http://osvdb.org/100915 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6973 http://tools.cisco.com/security/center/viewAlert.x?alertId=32144 http://www.securityfocus.com/bid/64286 http://www.securitytracker.com/id/1029492 https://exchange.xforce.ibmcloud.com/vulnerabilities/89651 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2013-1110
https://notcve.org/view.php?id=CVE-2013-1110
Cisco WebEx Training Center allow remote authenticated users to bypass intended privilege restrictions and (1) enable or (2) disable training-center recordings via a crafted URL, aka Bug ID CSCzu81065. Cisco WebEx Training Center permite a usuarios remotos autenticados eludir restricciones de privilegios previstos y (1) activar o desactivar (2) centro de formación-grabaciones a través de una URL hecha a mano, también conocido como Bug ID CSCzu81065. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1110 http://www.securityfocus.com/bid/57488 http://www.securitytracker.com/id/1028013 • CWE-264: Permissions, Privileges, and Access Controls •