Email Enumeration Vulnerability in Cisco WebEx Training Center
CVE-2013-6968

Currently unrated

Key Information:

Vendor

Cisco
Status
Webex Training Center
Vendor
CVE Published:
14 December 2013

What is CVE-2013-6968?

The WebEx Training Center by Cisco contains a vulnerability that permits unauthorized users to infer the existence of attendees' email addresses. This occurs due to the system's provision of differing error messages based on whether an email address is recognized during the registration process. Attackers can exploit this flaw by performing systematic registration attempts, potentially allowing them to build a list of valid email addresses associated with the service. Ensuring proper error handling and validation practices can mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securitytracker.com/id/1029492
vdb-entryx_refsource_SECTRACK
http://osvdb.org/100913
vdb-entryx_refsource_OSVDB
http://tools.cisco.com/security/center/content/CiscoSecur...
vendor-advisoryx_refsource_CISCO

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.