CVE-2013-5489

Currently unrated

Key Information:

Vendor: Cisco
Status: Socialminer
Vendor: CVE Published:; 13 September 2013

Summary

The gadget implementation in Cisco SocialMiner does not properly restrict the content of GET requests, which allows remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history, aka Bug ID CSCuh74125.

References

http://tools.cisco.com/security/center/viewAlert.x?alertI...

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/86965

vdb-entryx_refsource_XF

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Sep 13, 2013
Vulnerability Reserved
Aug 22, 2013