Vulnerability in Cisco Mediasense

CVE-2013-5502

The web interface in Cisco MediaSense does not properly protect the client-server communication channel, which allows remote attackers to obtain sensitive query string or cookie information via unspecified vectors, aka Bug ID CSCuj23344.

EPSS: 0.003 (51.9th percentile) — read the EPSS interpretation.

Affected products

Cisco Mediasense
N/a — versions n/a

Weakness classification (CWE)

CWE-264

References

20130920 Cisco MediaSense Sensitive Data in Query String/Cookie Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)
psirt@cisco.com (x_refsource_CONFIRM, Vendor Advisory)
97532 (x_refsource_OSVDB, vdb-entry)