CVE-2014-3303

Опубликовано: 28 июл. 2014

Источник: nvd

CVSS2: 4

EPSS Низкий

Описание

The web framework in Cisco WebEx Meetings Server does not properly restrict the content of query strings, which allows remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history, aka Bug ID CSCuj81713.

Ссылки

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3303
Vendor Advisory
http://www.securityfocus.com/bid/68910
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1030645
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/94893
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3303
Vendor Advisory
http://www.securityfocus.com/bid/68910
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1030645
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/94893

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cisco:webex_meetings_server:-:*:*:*:*:*:*:*

EPSS

Процентиль: 59%

0.00384

Низкий

4 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-w347-3fwm-wxf3

github

больше 3 лет назад