Vulnerability CVE-2014-2199

Vulnerability CVE-2014-2199

Published: 2014-05-20

Description:

meetinginfo.do in Cisco WebEx Event Center, WebEx Meeting Center, WebEx Sales Center, WebEx Training Center, WebEx Meetings Server 1.5(.1.131) and earlier, and WebEx Business Suite (WBS) 27 before 27.32.31.16, 28 before 28.12.13.18, and 29 before 29.5.1.12 allows remote attackers to obtain sensitive meeting information by leveraging knowledge of a meeting identifier, aka Bug IDs CSCuo68624 and CSCue46738.

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVSS Base Score	Impact Subscore	Exploitability Subscore
5/10	2.9/10	10/10

Exploit range	Attack complexity	Authentication
Remote	Low	No required
Confidentiality impact	Integrity impact	Availability impact
Partial	None	None

Affected software
Cisco -> Webex business suite
Cisco -> Webex event center
Cisco -> Webex meeting center
Cisco -> Webex meetings server
Cisco -> Webex sales center
Cisco -> Webex training center

References:

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2199

http://tools.cisco.com/security/center/viewAlert.x?alertId=34252

http://www.securitytracker.com/id/1030251

Copyright 2024, cxsecurity.com