Cross-Site Request Forgery Vulnerability in Cisco WebEx Training Center
CVE-2013-6710

Currently unrated

Key Information:

Vendor: Cisco
Status: Webex Training Center
Vendor: CVE Published:; 14 December 2013

What is CVE-2013-6710?

The Cisco WebEx Training Center is susceptible to a Cross-Site Request Forgery (CSRF) vulnerability that enables remote attackers to hijack the authentication of unspecified victims. Attackers can exploit this weakness to execute unauthorized actions on behalf of the user, potentially compromising sensitive information and services. The security issue arises from the application not implementing proper validation mechanisms for critical user actions, leaving it open to malicious exploits through crafted requests.

References

http://www.securitytracker.com/id/1029492

vdb-entryx_refsource_SECTRACK

http://tools.cisco.com/security/center/viewAlert.x?alertI...

x_refsource_CONFIRM

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 14, 2013
Vulnerability Reserved
Nov 7, 2013