CVE-2014-3304

Опубликовано: 28 июл. 2014

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

The OutlookAction Class in Cisco WebEx Meetings Server allows remote attackers to enumerate user accounts by entering crafted URLs and examining the returned messages, aka Bug ID CSCuj81722.

Ссылки

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3304
Vendor Advisory
http://www.securityfocus.com/bid/68911
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1030641
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/94880
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3304
Vendor Advisory
http://www.securityfocus.com/bid/68911
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1030641
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/94880

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cisco:webex_meetings_server:-:*:*:*:*:*:*:*

EPSS

Процентиль: 65%

0.00483

Низкий

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-r4wj-9rr4-6rpr

github

больше 3 лет назад