Lucene search
CiscoCVE-2014-8024HistoryDec 23, 2014 - 2:59 a.m.
CVE-2014-8024
2014-12-2302:59:04
CWE-200
cisco
web.nvd.nist.gov
17
cisco
jabber
api
guest server
security vulnerability
cve-2014-8024
nvd
http
cors
bug id cscus19789
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
6.4
Confidence
Low
EPSS
0.003
Percentile
70.6%
The API in the Guest Server in Cisco Jabber, when the HTML5 CORS feature is used, allows remote attackers to obtain sensitive information by sniffing the network during an HTTP (1) GET or (2) POST request, aka Bug ID CSCus19789.
Affected configurations
Node
ciscojabber_guest
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | jabber_guest | * | cpe:2.3:a:cisco:jabber_guest:*:*:*:*:*:*:*:* |
Related
prion
prion
Design/Logic Flaw
2014-12-23 02:59:00
cisco
cisco
Cisco Jabber Guest Server HTML5 Information Disclosure Vulnerability
2015-01-06 21:47:41
nvd
nvd
CVE-2014-8024
2014-12-23 02:59:04
cvelist
cvelist
CVE-2014-8024
2014-12-23 02:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
6.4
Confidence
Low
EPSS
0.003
Percentile
70.6%
Related for CVE-2014-8024