| |
Vulnerability CVE-2013-1120
Published: 2013-02-06
Description: |
Multiple cross-site request forgery (CSRF) vulnerabilities on the Cisco Unity Express with software before 8.0 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors, aka Bug ID CSCue35910. |
See advisories in our WLB2 database: | Topic | Author | Date |
Low |
| Jacob Holcomb | 05.02.2013 |
Type:
CWE-352 (Cross-Site Request Forgery (CSRF))
CVSS2 => (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
6.8/10 |
6.4/10 |
8.6/10 |
Exploit range |
Attack complexity |
Authentication |
Remote |
Medium |
No required |
Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
Partial |
Partial |
References: |
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1120
|
|
|
closedb();
?>
Copyright 2024, cxsecurity.com
|
|
|