CVE-2014-2193

Currently unrated

Key Information:

Vendor
Cisco
Status
Unified Web And E-mail Interaction Manager
Vendor
CVE Published:
20 May 2014

Summary

Cisco Unified Web and E-Mail Interaction Manager places session identifiers in GET requests, which allows remote attackers to inject conversation text by obtaining a valid identifier, aka Bug ID CSCuj43084.

References

http://tools.cisco.com/security/center/content/CiscoSecur...
vendor-advisoryx_refsource_CISCO

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.