Lucene search

[email protected]NVD:CVE-2014-3304

HistoryJul 28, 2014 - 5:55 p.m.

CVE-2014-3304

2014-07-2817:55:07

CWE-200

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.6

Confidence

Low

EPSS

0.002

Percentile

53.4%

JSON

The OutlookAction Class in Cisco WebEx Meetings Server allows remote attackers to enumerate user accounts by entering crafted URLs and examining the returned messages, aka Bug ID CSCuj81722.

Affected configurations

Nvd

Node

ciscowebex_meetings_serverMatch-

VendorProductVersionCPE
ciscowebex_meetings_server-cpe:2.3:a:cisco:webex_meetings_server:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	webex_meetings_server	-	cpe:2.3:a:cisco:webex_meetings_server:-:::::::*

References

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3304

www.securityfocus.com/bid/68911

www.securitytracker.com/id/1030641

exchange.xforce.ibmcloud.com/vulnerabilities/94880

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.6

Confidence

Low

EPSS

0.002

Percentile

53.4%

JSON

Related for NVD:CVE-2014-3304

cvelist1 cisco1 prion1 cve1