Information disclosure in Cisco Webex_training_center

CVE-2013-6972

Cisco WebEx Training Center allows remote attackers to discover session numbers, and bypass host approval for audio-conference attendance, by reading HTML source code, aka Bug ID CSCul57126.

Vulnerability class: Information Disclosure

EPSS: 0.007 (71.5th percentile) — read the EPSS interpretation.

Affected products

Cisco Webex_training_center
N/a — versions n/a

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

100914 (x_refsource_OSVDB, vdb-entry)
1029492 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_SECTRACK)
cisco-webex-cve20136972-info-disc(89652) (vdb-entry, x_refsource_XF)
20131212 Cisco WebEx Training Center Training Session Number Disclosure Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)
psirt@cisco.com (x_refsource_CONFIRM, Vendor Advisory)
64282 (vdb-entry, x_refsource_BID)