Session Number Disclosure in Cisco WebEx Training Center
CVE-2013-6972

Currently unrated

Key Information:

Vendor: Cisco
Status: Webex Training Center
Vendor: CVE Published:; 14 December 2013

Summary

Cisco WebEx Training Center is susceptible to a vulnerability that enables remote attackers to access session numbers. This flaw allows attackers to bypass host approval for audio-conference attendance by manipulating HTML source code, potentially leading to unauthorized access to training sessions. Organizations using Cisco WebEx should be aware of this issue and take appropriate measures to secure their conference settings.

References

http://osvdb.org/100914

vdb-entryx_refsource_OSVDB

http://www.securitytracker.com/id/1029492

vdb-entryx_refsource_SECTRACK

https://exchange.xforce.ibmcloud.com/vulnerabilities/89652

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Dec 14, 2013
Vulnerability Reserved
Dec 5, 2013