Lucene search

[email protected]CVE-2014-3301

HistoryJul 26, 2014 - 11:11 a.m.

CVE-2014-3301

2014-07-2611:11:57

CWE-200

[email protected]

web.nvd.nist.gov

cisco

webex

meetings server

cve-2014-3301

bug id cscuj81700

information security

vulnerability

remote attack

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.4 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

70.1%

JSON

The ProfileAction controller in Cisco WebEx Meetings Server (CWMS) 1.5(.1.131) and earlier allows remote attackers to obtain sensitive information by reading stack traces in returned messages, aka Bug ID CSCuj81700.

Affected configurations

NVD

Node

ciscowebex_meetings_serverRange≤1.5\(.1.131\)

ciscowebex_meetings_serverMatch1.5

ciscowebex_meetings_serverMatch1.5\(.1.6\)

CPENameOperatorVersion
cisco:webex_meetings_servercisco webex meetings serverle1.5\(.1.131\)
cisco:webex_meetings_servercisco webex meetings servereq1.5
cisco:webex_meetings_servercisco webex meetings servereq1.5\(.1.6\)

CPE	Name	Operator	Version
cisco:webex_meetings_server	cisco webex meetings server	le	1.5\(.1.131\)
cisco:webex_meetings_server	cisco webex meetings server	eq	1.5
cisco:webex_meetings_server	cisco webex meetings server	eq	1.5\(.1.6\)

References

secunia.com/advisories/60573

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3301

tools.cisco.com/security/center/viewAlert.x?alertId=35040

www.securityfocus.com/bid/68894

www.securitytracker.com/id/1030642

exchange.xforce.ibmcloud.com/vulnerabilities/94895

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.4 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

70.1%

JSON

Related for CVE-2014-3301

nvd1 cisco1 prion1 cvelist1