CVE-2013-6687

{"id": "CVE-2013-6687", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-01-16T19:55:04.560", "references": [{"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6687", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-255"}]}], "descriptions": [{"lang": "en", "value": "The web portal in the Enterprise License Manager component in Cisco WebEx Meetings Server allows remote authenticated users to discover the cleartext administrative password by reading HTML source code, aka Bug ID CSCul33876."}, {"lang": "es", "value": "El portal web del componente Enterprise License Manager de Cisco WebEx Meetings Server permite a usuarios autenticados remotamente descubrir la contrase\u00f1a administrativa en claro mediante la lectura de c\u00f3digo HTML, tambi\u00e9n conocido como Bug ID CSCul33876."}], "lastModified": "2014-01-17T15:12:05.330", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:webex_meetings_server:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9FE5F3F6-C7AE-4384-B58D-F0506719E35C"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}