Access Control Vulnerability in Cisco WebEx Training Center
CVE-2013-6965

Currently unrated

Key Information:

Vendor: Cisco
Status: Webex Training Center
Vendor: CVE Published:; 14 December 2013

Summary

The registration component in Cisco WebEx Training Center allows remote attackers to bypass email verification, enabling unauthorized users to access audio conferences. This occurs when the training-session URL is provided prior to email confirmation, allowing attackers to join sessions by exploiting this flaw.

References

http://tools.cisco.com/security/center/viewAlert.x?alertI...

x_refsource_CONFIRM

http://www.securitytracker.com/id/1029492

vdb-entryx_refsource_SECTRACK

http://osvdb.org/100911

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability published
Dec 14, 2013
Vulnerability Reserved
Dec 5, 2013