CVE-2013-1168
published 2013-04-11CVE-2013-1168: The web server in Cisco Unified MeetingPlace Application Server 7.x before 7.1MR1 Patch 2, 8.0 before 8.0MR1 Patch 1, and 8.5 before 8.5MR3 Patch 1 does not…
high7.6CVSS 3.1
AVNACHAuNCCICAC
The web server in Cisco Unified MeetingPlace Application Server 7.x before 7.1MR1 Patch 2, 8.0 before 8.0MR1 Patch 1, and 8.5 before 8.5MR3 Patch 1 does not invalidate a session upon a logout action, which makes it easier for remote attackers to hijack sessions by leveraging knowledge of a session cookie, aka Bug ID CSCuc64885.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | unified_meetingplace | — | — |
| cisco | unified_meetingplace | — | — |
| cisco | unified_meetingplace | — | — |
| cisco | unified_meetingplace | — | — |
| cisco | unified_meetingplace | — | — |
| cisco | unified_meetingplace | — | — |
| cisco | unified_meetingplace | — | — |
| cisco | unified_meetingplace | — | — |
| cisco | unified_meetingplace | — | — |
| cisco | unified_meetingplace | — | — |
| cisco | unified_meetingplace_solution | — | — |