CVE-2013-1168
Published Apr 11, 2013
Last updated 12 years ago
Overview
- Description
- The web server in Cisco Unified MeetingPlace Application Server 7.x before 7.1MR1 Patch 2, 8.0 before 8.0MR1 Patch 1, and 8.5 before 8.5MR3 Patch 1 does not invalidate a session upon a logout action, which makes it easier for remote attackers to hijack sessions by leveraging knowledge of a session cookie, aka Bug ID CSCuc64885.
- Source
- ykramarz@cisco.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.6
- Impact score
- 10
- Exploitability score
- 4.9
- Vector string
- AV:N/AC:H/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_meetingplace:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F1B3B645-4500-4B63-8D1A-1139537DA522"
},
{
"criteria": "cpe:2.3:a:cisco:unified_meetingplace:7.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5CB60381-CF25-41F1-B54B-CA0F1D77CEC5"
},
{
"criteria": "cpe:2.3:a:cisco:unified_meetingplace:7.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0B746BD5-7783-4510-9260-88E6865277A0"
},
{
"criteria": "cpe:2.3:a:cisco:unified_meetingplace:7.0.2:mr1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3D94A24A-E9DE-46A4-AEAF-30DC05FEB685"
},
{
"criteria": "cpe:2.3:a:cisco:unified_meetingplace:7.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7EBB601D-887C-40DC-97D0-448D9193F2FF"
},
{
"criteria": "cpe:2.3:a:cisco:unified_meetingplace:7.0.3:mr2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "25556F86-581D-412C-B41B-36B30E12F41A"
},
{
"criteria": "cpe:2.3:a:cisco:unified_meetingplace:7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CB025761-696C-41B4-9A7C-67CF7A6DBECB"
},
{
"criteria": "cpe:2.3:a:cisco:unified_meetingplace:7.1:mr1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E86A7C56-CFB8-4279-85A2-090CF6B1E1B8"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_meetingplace:8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5E33B950-9CA4-4438-A7F1-1630CC26E81A"
},
{
"criteria": "cpe:2.3:a:cisco:unified_meetingplace:8.0:mr1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8A8703D6-20FB-40EC-B516-FAF77ED21D29"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_meetingplace:8.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5FF3D6AE-38E4-40C7-AD5D-C7DA67AB9DCC"
},
{
"criteria": "cpe:2.3:a:cisco:unified_meetingplace:8.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3A049567-12BC-4A08-B776-C038248E655F"
},
{
"criteria": "cpe:2.3:a:cisco:unified_meetingplace:8.5.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E02FBDCD-FED2-4B6B-B5AC-EB9915ED31E8"
},
{
"criteria": "cpe:2.3:a:cisco:unified_meetingplace:8.5.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BD2F2149-16AE-425E-BAFB-DC5987CBB406"
}
],
"operator": "OR"
}
]
}
]