// For flags

CVE-2013-1232

 

Severity Score

5.0
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The HTTP implementation in Cisco WebEx Node for MCS, WebEx Meetings Server, and WebEx Node for ASR 1000 Series allows remote attackers to read the contents of uninitialized memory locations via a crafted request, aka Bug IDs CSCue36672, CSCue31363, CSCuf17466, and CSCug61252.

La implementación HTTP en Cisco WebEx Node para MCS, WebEx Meetings Server, y WebEx Node para ASR 1000 Series permite a atacantes remotos leer el contenido de las posiciones de memoria sin inicializar mediante una petición especialmente diseñada, también conocido como Bug IDs CSCue36672, CSCue31363, CSCuf17466 y CSCug61252.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2013-01-11 CVE Reserved
  • 2013-05-04 CVE Published
  • 2024-03-24 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-20: Improper Input Validation
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Cisco
Search vendor "Cisco"
 Webex Meetings Server
Search vendor "Cisco" for product "Webex Meetings Server"
--
Affected
Cisco
Search vendor "Cisco"
 Webex Node For Asr 1000 Series
Search vendor "Cisco" for product "Webex Node For Asr 1000 Series"
--
Affected
Cisco
Search vendor "Cisco"
 Webex Node For Mcs
Search vendor "Cisco" for product "Webex Node For Mcs"
--
Affected