Webex Meetings Server@- Security Vulnerabilities and Issues — Webex Meetings Server@- CVE List

Lucene search

CiscoWebex Meetings Server-

10 matches found

CVE•added 2014/07/28 5:55 p.m.•50 views

CVE-2014-3303

The web framework in Cisco WebEx Meetings Server does not properly restrict the content of query strings, which allows remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history, aka Bug ID CSCuj81713.

4CVSS6.4AI score0.00384EPSS

CVE•added 2014/06/10 11:19 a.m.•44 views

CVE-2014-3294

Cisco WebEx Meeting Server does not properly restrict the content of URLs, which allows remote authenticated users to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history, aka Bug ID CSCuj81691.

4CVSS6AI score0.00279EPSS

CVE•added 2014/01/29 6:34 p.m.•42 views

CVE-2014-0682

Cisco WebEx Meetings Server allows remote authenticated users to bypass authorization checks and (1) join arbitrary meetings, or (2) terminate a meeting without having a host role, via a crafted URL, aka Bug ID CSCuj42346.

4.9CVSS6.5AI score0.00814EPSS

CVE•added 2014/06/08 4:55 p.m.•39 views

CVE-2014-3286

The web framework in Cisco WebEx Meeting Server does not properly restrict the content of reply messages, which allows remote attackers to obtain sensitive information via a crafted URL, aka Bug IDs CSCuj81685, CSCuj81688, CSCuj81665, CSCuj81744, and CSCuj81661.

5CVSS6.2AI score0.00348EPSS

CVE•added 2014/04/30 10:49 a.m.•38 views

CVE-2014-2186

Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco WebEx Meetings Server allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuj81777.

6.8CVSS7.4AI score0.00122EPSS

CVE•added 2014/07/28 5:55 p.m.•38 views

CVE-2014-3304

The OutlookAction Class in Cisco WebEx Meetings Server allows remote attackers to enumerate user accounts by entering crafted URLs and examining the returned messages, aka Bug ID CSCuj81722.

5CVSS6.8AI score0.00483EPSS

CVE•added 2014/07/10 11:6 a.m.•38 views

CVE-2014-3310

The File Transfer feature in WebEx Meetings Client in Cisco WebEx Meetings Server and WebEx Meeting Center does not verify that a requested file was an offered file, which allows remote attackers to read arbitrary files via a modified request, aka Bug IDs CSCup62442 and CSCup58463.

4.3CVSS6.8AI score0.00294EPSS

CVE•added 2014/10/05 1:55 a.m.•37 views

CVE-2014-3400

Cisco WebEx Meetings Server allows remote authenticated users to obtain sensitive information by reading logs, aka Bug IDs CSCuq36417 and CSCuq40344.

4CVSS6AI score0.00162EPSS

CVE•added 2014/01/16 7:55 p.m.•35 views

CVE-2013-6687

The web portal in the Enterprise License Manager component in Cisco WebEx Meetings Server allows remote authenticated users to discover the cleartext administrative password by reading HTML source code, aka Bug ID CSCul33876.

4CVSS6.5AI score0.00162EPSS

CVE•added 2014/07/10 11:6 a.m.•35 views

CVE-2014-3311

Heap-based buffer overflow in the file-sharing feature in WebEx Meetings Client in Cisco WebEx Meetings Server and WebEx Meeting Center allows remote attackers to execute arbitrary code via crafted data, aka Bug IDs CSCup62463 and CSCup58467.

5.1CVSS8.4AI score0.03061EPSS