Remote Bypass Vulnerability in Cisco WebEx Training Center Registration
CVE-2013-6709

Currently unrated

Key Information:

Vendor: Cisco
Status: Webex Training Center
Vendor: CVE Published:; 14 December 2013

Summary

The registration feature of Cisco WebEx Training Center has a security flaw that exposes the training-session URL prior to the payment being finalized. This issue allows remote attackers to bypass established access restrictions, potentially enabling them to join audio conferences by leveraging credentials embedded within the disclosed URL. This vulnerability could lead to unauthorized participation in training sessions, raising significant security concerns for organizations relying on these platforms for secure communications.

References

http://www.securitytracker.com/id/1029492

vdb-entryx_refsource_SECTRACK

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://tools.cisco.com/security/center/viewAlert.x?alertI...

x_refsource_CONFIRM

Timeline

Vulnerability published
Dec 14, 2013
Vulnerability Reserved
Nov 7, 2013