var-201301-0349
Vulnerability from variot
Cisco WebEx Training Center allow remote authenticated users to bypass intended privilege restrictions and (1) enable or (2) disable training-center recordings via a crafted URL, aka Bug ID CSCzu81065. Cisco WebEx Training Center Has been bypassed by permissions, training-center Records of (1) Activation, or (2) There are vulnerabilities that are disabled. Attackers can exploit this issue to bypass security restrictions to perform unauthorized actions; this may aid in launching further attacks. Cisco WebEx is a set of Web conferencing tools developed by American Cisco (Cisco), which can assist office workers in different places to coordinate and cooperate. WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging (IM)
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201301-0349",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "webex training center",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": null
},
{
"model": "webex training center",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001230"
},
{
"db": "CNNVD",
"id": "CNNVD-201301-405"
},
{
"db": "NVD",
"id": "CVE-2013-1110"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:cisco:webex_training_center",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001230"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "57488"
}
],
"trust": 0.3
},
"cve": "CVE-2013-1110",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "CVE-2013-1110",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "VHN-61112",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-1110",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2013-1110",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201301-405",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-61112",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61112"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001230"
},
{
"db": "CNNVD",
"id": "CNNVD-201301-405"
},
{
"db": "NVD",
"id": "CVE-2013-1110"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco WebEx Training Center allow remote authenticated users to bypass intended privilege restrictions and (1) enable or (2) disable training-center recordings via a crafted URL, aka Bug ID CSCzu81065. Cisco WebEx Training Center Has been bypassed by permissions, training-center Records of (1) Activation, or (2) There are vulnerabilities that are disabled. \nAttackers can exploit this issue to bypass security restrictions to perform unauthorized actions; this may aid in launching further attacks. Cisco WebEx is a set of Web conferencing tools developed by American Cisco (Cisco), which can assist office workers in different places to coordinate and cooperate. WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging (IM)",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-1110"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001230"
},
{
"db": "BID",
"id": "57488"
},
{
"db": "VULHUB",
"id": "VHN-61112"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-1110",
"trust": 2.8
},
{
"db": "BID",
"id": "57488",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1028013",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001230",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201301-405",
"trust": 0.7
},
{
"db": "CISCO",
"id": "20130116 CISCO WEBEX ENABLE/DISABLE AVAILABILITY OF RECORDINGS",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-60606",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-61112",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61112"
},
{
"db": "BID",
"id": "57488"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001230"
},
{
"db": "CNNVD",
"id": "CNNVD-201301-405"
},
{
"db": "NVD",
"id": "CVE-2013-1110"
}
]
},
"id": "VAR-201301-0349",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-61112"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:13:53.911000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Cisco WebEx Enable/Disable Availability of Recordings",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1110"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001230"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61112"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001230"
},
{
"db": "NVD",
"id": "CVE-2013-1110"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2013-1110"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/57488"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1028013"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1110"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-1110"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-61112"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001230"
},
{
"db": "CNNVD",
"id": "CNNVD-201301-405"
},
{
"db": "NVD",
"id": "CVE-2013-1110"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-61112"
},
{
"db": "BID",
"id": "57488"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-001230"
},
{
"db": "CNNVD",
"id": "CNNVD-201301-405"
},
{
"db": "NVD",
"id": "CVE-2013-1110"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-01-21T00:00:00",
"db": "VULHUB",
"id": "VHN-61112"
},
{
"date": "2013-01-22T00:00:00",
"db": "BID",
"id": "57488"
},
{
"date": "2013-01-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001230"
},
{
"date": "2013-01-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201301-405"
},
{
"date": "2013-01-21T21:55:01.603000",
"db": "NVD",
"id": "CVE-2013-1110"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-02-02T00:00:00",
"db": "VULHUB",
"id": "VHN-61112"
},
{
"date": "2013-01-22T00:00:00",
"db": "BID",
"id": "57488"
},
{
"date": "2013-01-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-001230"
},
{
"date": "2013-01-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201301-405"
},
{
"date": "2024-11-21T01:48:55.533000",
"db": "NVD",
"id": "CVE-2013-1110"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201301-405"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco WebEx Training Center Vulnerabilities bypassing permissions restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-001230"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201301-405"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.