exploitDog

CVE-2014-3286

Опубликовано: 08 июн. 2014

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

The web framework in Cisco WebEx Meeting Server does not properly restrict the content of reply messages, which allows remote attackers to obtain sensitive information via a crafted URL, aka Bug IDs CSCuj81685, CSCuj81688, CSCuj81665, CSCuj81744, and CSCuj81661.

Ссылки

http://secunia.com/advisories/58571
Permissions Required
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3286
Vendor Advisory
http://www.securityfocus.com/bid/67922
Third Party Advisory
VDB Entry
http://secunia.com/advisories/58571
Permissions Required
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3286
Vendor Advisory
http://www.securityfocus.com/bid/67922
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cisco:webex_meetings_server:-:*:*:*:*:*:*:*

EPSS

Процентиль: 57%

0.00348

Низкий

5 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-88qp-r6g8-jj9r

github

больше 3 лет назад

The web framework in Cisco WebEx Meeting Server does not properly restrict the content of reply messages, which allows remote attackers to obtain sensitive information via a crafted URL, aka Bug IDs CSCuj81685, CSCuj81688, CSCuj81665, CSCuj81744, and CSCuj81661.

EPSS

Процентиль: 57%

0.00348

Низкий

5 Medium

CVSS2

Дефекты

CWE-264