EUVD-2014-3317

Malware in sbrugna...

Cisco WebEx Meetings Server Password Encryption Vulnerability

A vulnerability in the OutlookAction LI of Cisco WebEx Meetings Server could allow an authenticated, remote attacker to generate sensitive encrypted values. The vulnerability is due to the return of a user's encrypted password. An attacker could exploit this vulnerability by generating these...

Design/Logic Flaw

The OutlookAction LI in Cisco WebEx Meetings Server allows remote authenticated users to obtain sensitive encrypted-password information via unspecified vectors, aka Bug IDs CSCuj40453 and CSCuj40449...

CVE-2014-8032

CVE-2014-8032 concerns Cisco WebEx Meetings Server where the OutlookAction LI may disclose a user’s encrypted password to an authenticated remote attacker. The Cisco advisory states the issue arises from the server returning encrypted password values and that authenticated access (potentially on ...

CVE-2014-8032

The OutlookAction LI in Cisco WebEx Meetings Server allows remote authenticated users to obtain sensitive encrypted-password information via unspecified vectors, aka Bug IDs CSCuj40453 and CSCuj40449...

Cisco WebEx Meetings Server OutlookAction Class Vulnerability

A vulnerability in the OutlookAction Class of Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to enumerate valid user accounts. The vulnerability is due to improper sanitization of a returned message. An attacker could exploit this vulnerability by sending crafted URL...

CVE-2014-3304

Cisco WebEx Meetings Server’s OutlookAction Class is vulnerable to unauthenticated remote enumeration of valid user accounts through crafted URL requests due to improper sanitization of returned messages (Bug ID CSCuj81722). The Cisco advisory notes that software updates are not available to fix ...

CVE-2014-3304

The OutlookAction Class in Cisco WebEx Meetings Server allows remote attackers to enumerate user accounts by entering crafted URLs and examining the returned messages, aka Bug ID CSCuj81722...