CVE-2013-1120
Cisco Unity Express - Multiple Vulnerabilities
Severity Score
6.8
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Multiple cross-site request forgery (CSRF) vulnerabilities on the Cisco Unity Express with software before 8.0 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors, aka Bug ID CSCue35910.
Múltiples vulnerabilidades de falsificación de petición en sitios cruzados (CSRF) en Cisco Unity Express con software anterior a v8.0 permite a atacantes remotos secuestrar la autenticación de usuarios mediante vectores desconocidos. Bug ID CSCue35910.
Cisco Unity suffers from cross site request forgery and cross site scripting vulnerabilities.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2013-01-11 CVE Reserved
- 2013-02-05 CVE Published
- 2013-02-05 First Exploit
- 2024-09-17 CVE Updated
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-352: Cross-Site Request Forgery (CSRF)
CAPEC
References (2)
URL | Tag | Source |
---|
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/24449 | 2013-02-05 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1120 | 2013-02-07 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Cisco Search vendor "Cisco" | Unity Express Software Search vendor "Cisco" for product "Unity Express Software" | <= 7.4 Search vendor "Cisco" for product "Unity Express Software" and version " <= 7.4" | - |
Affected
| in | Cisco Search vendor "Cisco" | Unity Express Search vendor "Cisco" for product "Unity Express" | * | - |
Affected
|
Cisco Search vendor "Cisco" | Unity Express Software Search vendor "Cisco" for product "Unity Express Software" | 1.1.1 Search vendor "Cisco" for product "Unity Express Software" and version "1.1.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Unity Express Search vendor "Cisco" for product "Unity Express" | * | - |
Affected
|
Cisco Search vendor "Cisco" | Unity Express Software Search vendor "Cisco" for product "Unity Express Software" | 1.1.2 Search vendor "Cisco" for product "Unity Express Software" and version "1.1.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Unity Express Search vendor "Cisco" for product "Unity Express" | * | - |
Affected
|
Cisco Search vendor "Cisco" | Unity Express Software Search vendor "Cisco" for product "Unity Express Software" | 2.0 Search vendor "Cisco" for product "Unity Express Software" and version "2.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Unity Express Search vendor "Cisco" for product "Unity Express" | * | - |
Affected
|
Cisco Search vendor "Cisco" | Unity Express Software Search vendor "Cisco" for product "Unity Express Software" | 2.1 Search vendor "Cisco" for product "Unity Express Software" and version "2.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Unity Express Search vendor "Cisco" for product "Unity Express" | * | - |
Affected
|
Cisco Search vendor "Cisco" | Unity Express Software Search vendor "Cisco" for product "Unity Express Software" | 2.2 Search vendor "Cisco" for product "Unity Express Software" and version "2.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Unity Express Search vendor "Cisco" for product "Unity Express" | * | - |
Affected
|
Cisco Search vendor "Cisco" | Unity Express Software Search vendor "Cisco" for product "Unity Express Software" | 2.3 Search vendor "Cisco" for product "Unity Express Software" and version "2.3" | - |
Affected
| in | Cisco Search vendor "Cisco" | Unity Express Search vendor "Cisco" for product "Unity Express" | * | - |
Affected
|
Cisco Search vendor "Cisco" | Unity Express Software Search vendor "Cisco" for product "Unity Express Software" | 3.0 Search vendor "Cisco" for product "Unity Express Software" and version "3.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Unity Express Search vendor "Cisco" for product "Unity Express" | * | - |
Affected
|
Cisco Search vendor "Cisco" | Unity Express Software Search vendor "Cisco" for product "Unity Express Software" | 3.1 Search vendor "Cisco" for product "Unity Express Software" and version "3.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Unity Express Search vendor "Cisco" for product "Unity Express" | * | - |
Affected
|
Cisco Search vendor "Cisco" | Unity Express Software Search vendor "Cisco" for product "Unity Express Software" | 3.2 Search vendor "Cisco" for product "Unity Express Software" and version "3.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Unity Express Search vendor "Cisco" for product "Unity Express" | * | - |
Affected
|
Cisco Search vendor "Cisco" | Unity Express Software Search vendor "Cisco" for product "Unity Express Software" | 7.0 Search vendor "Cisco" for product "Unity Express Software" and version "7.0" | - |
Affected
| in | Cisco Search vendor "Cisco" | Unity Express Search vendor "Cisco" for product "Unity Express" | * | - |
Affected
|
Cisco Search vendor "Cisco" | Unity Express Software Search vendor "Cisco" for product "Unity Express Software" | 7.1 Search vendor "Cisco" for product "Unity Express Software" and version "7.1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Unity Express Search vendor "Cisco" for product "Unity Express" | * | - |
Affected
|
Cisco Search vendor "Cisco" | Unity Express Software Search vendor "Cisco" for product "Unity Express Software" | 7.2 Search vendor "Cisco" for product "Unity Express Software" and version "7.2" | - |
Affected
| in | Cisco Search vendor "Cisco" | Unity Express Search vendor "Cisco" for product "Unity Express" | * | - |
Affected
|
Cisco Search vendor "Cisco" | Unity Express Software Search vendor "Cisco" for product "Unity Express Software" | 7.3 Search vendor "Cisco" for product "Unity Express Software" and version "7.3" | - |
Affected
| in | Cisco Search vendor "Cisco" | Unity Express Search vendor "Cisco" for product "Unity Express" | * | - |
Affected
|