Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-2193

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2014-2193
Last Modified 20 May 2014 09:56:11
Published 20 May 2014 07:13:37
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-2193

Summary

Cisco Unified Web and E-Mail Interaction Manager places session identifiers in GET requests, which allows remote attackers to inject conversation text by obtaining a valid identifier, aka Bug ID CSCuj43084.

Vulnerable Systems

Application

  • Cisco Unified Web And E-mail Interaction Manager -


References

CISCO - 20140519 Cisco Unified Web and E-Mail Interaction Manager Broken Authentication Vulnerability


Last Updated: 27 May 2016 11:05:20