Improper Cookie Verification in Cisco Unified MeetingPlace Web Conferencing Server (Bug ID CSCuc64846)

Improper Cookie Verification in Cisco Unified MeetingPlace Web Conferencing Server (Bug ID CSCuc64846)

CVE-2013-1169 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

Cisco Unified MeetingPlace Web Conferencing Server 7.x before 7.1MR1 Patch 2, 8.0 before 8.0MR1 Patch 2, and 8.5 before 8.5MR3 Patch 1, when the Remember Me option is used, does not properly verify cookies, which allows remote attackers to impersonate users via a crafted login request, aka Bug ID CSCuc64846.

Learn more about our Web App Pen Testing.