Session Hijacking Vulnerability in Cisco Unified MeetingPlace Application Server
CVE-2013-1168

Currently unrated

Key Information:

Vendor
Cisco
Status
Unified Meetingplace
Vendor
CVE Published:
11 April 2013

Summary

A vulnerability exists in the web server of the Cisco Unified MeetingPlace Application Server, which fails to properly invalidate session information upon user logout. This flaw allows remote attackers to take advantage of knowledge of a session cookie, enabling them to hijack an active session. This risk underscores the importance of implementing robust session management practices to protect against unauthorized access.

References

http://tools.cisco.com/security/center/content/CiscoSecur...
vendor-advisoryx_refsource_CISCO

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.