Lucene search

[email protected]CVE-2014-8030

HistoryJan 09, 2015 - 2:59 a.m.

CVE-2014-8030

2015-01-0902:59:06

CWE-79

[email protected]

web.nvd.nist.gov

cve-2014-8030

cross-site scripting

xss

cisco webex meetings server

vulnerability

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.5%

JSON

Cross-site scripting (XSS) vulnerability in sendPwMail.do in Cisco WebEx Meetings Server allows remote attackers to inject arbitrary web script or HTML via the email parameter, aka Bug ID CSCuj40381.

Affected configurations

NVD

Node

ciscowebex_meetings_serverMatch-

CPENameOperatorVersion
cisco:webex_meetings_servercisco webex meetings servereq-

CPE	Name	Operator	Version
cisco:webex_meetings_server	cisco webex meetings server	eq	-

References

secunia.com/advisories/62163

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-8030

www.securityfocus.com/bid/71945

www.securitytracker.com/id/1031517

exchange.xforce.ibmcloud.com/vulnerabilities/100574

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.5%

JSON

Related for CVE-2014-8030

prion1 cvelist1 nvd1 cisco1