Boletines de Vulnerabilidades

Cisco Prime Central for Hosted Collaboration Solution Assurance Unauthenticated Username and Password Enumeration Vulnerability

Información sobre el sistema
   
Software afectado Cisco

Descripción
A vulnerability in the web framework of Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance could allow an unauthenticated, remote attacker to access sensitive information on the system.The vulnerability is due to improper user authentication and inadequate session management. An unauthenticated, remote attacker could exploit this vulnerability by submitting a crafted HTTP request to the web user interface. Successful exploitation of this vulnerability may reveal sensitive

More info:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130918-pc?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Prime%20Central%20for%20Hosted%20Collaboration%20Solution%20Assurance%2

Identificadores estándar
Propiedad Valor
CVE CVE-2013-3473.

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2013-09-19

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT