Vulnerability in Cisco Webex
CVE-2013-3425
The Meeting Center component in Cisco WebEx 11 generates different error messages for invalid file-access attempts depending on whether a file exists, which allows remote authenticated users to enumerate files via a series of SPI calls, ak…
EPSS: 0.002 (39.9th percentile) — read the EPSS interpretation.
Affected products
- Cisco Webex — versions 11.0
- N/a — versions n/a
Weakness classification (CWE)
References
- 20130730 Cisco WebEx Information Disclosure through Inconsistent Error Messages Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)
- cisco-webex-cve20133425-info-disc(86150) (vdb-entry, x_refsource_XF)
- 95876 (x_refsource_OSVDB, vdb-entry)