CVE-2013-1128Cross-Site Request Forgery in Cisco Unified Meetingplace

CWE-352Cross-Site Request Forgery5 documents5 sources
Severity
6.8MEDIUMNVD
EPSS
0.1%
top 68.09%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Unified Meetingplace
Timeline
PublishedFeb 15
Latest updateMay 17

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in the server in Cisco Unified MeetingPlace before 7.1(2.2000) allow remote attackers to hijack the authentication of unspecified victims via unknown vectors, aka Bug ID CSCuc64903. NOTE: some of these details are obtained from third party information.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-qmw9-3g8j-h73f: Multiple cross-site request forgery (CSRF) vulnerabilities in the server in Cisco Unified MeetingPlace before 72022-05-17
CVEList
CVE-2013-1128: Multiple cross-site request forgery (CSRF) vulnerabilities in the server in Cisco Unified MeetingPlace before 72013-02-15

💥Exploits & PoCs

1
Exploit-DB
SAP NetWeaver Message Server - Multiple Vulnerabilities2013-02-17

📋Vendor Advisories

1
Cisco
Cisco Unified MeetingPlace Server Cross-Site Request Forgery Vulnerability2013-02-13
CVE-2013-1128 — Cross-Site Request Forgery in Cisco | cvebase