Lucene search

CiscoCVE-2014-3301

HistoryJul 26, 2014 - 11:11 a.m.

CVE-2014-3301

2014-07-2611:11:57

CWE-200

cisco

web.nvd.nist.gov

cisco

webex

meetings server

cve-2014-3301

bug id cscuj81700

information security

vulnerability

remote attack

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.4

Confidence

Low

EPSS

0.003

Percentile

70.1%

JSON

The ProfileAction controller in Cisco WebEx Meetings Server (CWMS) 1.5(.1.131) and earlier allows remote attackers to obtain sensitive information by reading stack traces in returned messages, aka Bug ID CSCuj81700.

Affected configurations

Nvd

Node

ciscowebex_meetings_serverRange≤1.5\(.1.131\)

ciscowebex_meetings_serverMatch1.5

ciscowebex_meetings_serverMatch1.5\(.1.6\)

VendorProductVersionCPE
ciscowebex_meetings_server*cpe:2.3:a:cisco:webex_meetings_server:*:*:*:*:*:*:*:*
ciscowebex_meetings_server1.5cpe:2.3:a:cisco:webex_meetings_server:1.5:*:*:*:*:*:*:*
ciscowebex_meetings_server1.5(.1.6)cpe:2.3:a:cisco:webex_meetings_server:1.5\(.1.6\):*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	webex_meetings_server	*	cpe:2.3:a:cisco:webex_meetings_server::::::::
cisco	webex_meetings_server	1.5	cpe:2.3:a:cisco:webex_meetings_server:1.5:::::::*
cisco	webex_meetings_server	1.5(.1.6)	cpe:2.3:a:cisco:webex_meetings_server:1.5\(.1.6\):::::::*

References

secunia.com/advisories/60573

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3301

tools.cisco.com/security/center/viewAlert.x?alertId=35040

www.securityfocus.com/bid/68894

www.securitytracker.com/id/1030642

exchange.xforce.ibmcloud.com/vulnerabilities/94895

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.4

Confidence

Low

EPSS

0.003

Percentile

70.1%

JSON

Related for CVE-2014-3301