CVE-2013-1205 : The Event Center module in Cisco WebEx Meetings Server does not perform request

The Event Center module in Cisco WebEx Meetings Server does not perform request authentication in all intended circumstances, which allows remote attackers to discover host keys and event passwords via crafted URLs, aka Bug ID CSCue62485.

Published 2013-06-06 13:02:13

Updated 2025-04-11 00:51:22

Source Cisco Systems, Inc.

View at NVD, CVE.org

Products affected by CVE-2013-1205

Cisco » Webex Meetings Server » Version: N/A
cpe:2.3:a:cisco:webex_meetings_server:-:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2013-1205

EPSS FAQ

0.31%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 51 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2013-1205

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
4.3	MEDIUM	AV:N/AC:M/Au:N/C:P/I:N/A:N	8.6	2.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None

CWE ids for CVE-2013-1205

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2013-1205

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1205

Cisco WebEx Meetings Server Information Disclosure Vulnerability
Vendor Advisory

Jump to

Vulnerability Details : CVE-2013-1205

Products affected by CVE-2013-1205

Exploit prediction scoring system (EPSS) score for CVE-2013-1205

CVSS scores for CVE-2013-1205

CWE ids for CVE-2013-1205

References for CVE-2013-1205