Cisco WebEx One-Click Password Disclosure

Medium Nessus Plugin ID 69275


The remote host has software installed that stores credentials in an insecure fashion.


The remote host has a version of Cisco WebEx One-Click installed that stores credentials in the registry using a key that can be easily derived.


Configure the software to not remember passwords.

See Also

Plugin Details

Severity: Medium

ID: 69275

File Name: webex_oneclick_password_disclosure.nasl

Version: $Revision: 1.1 $

Type: local

Agent: windows

Family: Windows

Published: 2013/08/08

Modified: 2013/08/09

Dependencies: 69274

Risk Information

Risk Factor: Medium


Base Score: 4.9

Temporal Score: 4.7

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N

Temporal Vector: CVSS2#E:F/RL:U/RC:ND

Vulnerability Information

CPE: x-cpe:/a:webex:oneclick

Required KB Items: SMB/WebEx_OneClick/Installed

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2013/07/09

Reference Information

BID: 61304

OSVDB: 95379