4

CVE-2014-3303

EPSS 0.38%
Veröffentlicht 28.07.2014 17:55:07
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle psirt@cisco.com
CVE-Watchlists
Login
Unerledigt
Login

The web framework in Cisco WebEx Meetings Server does not properly restrict the content of query strings, which allows remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history, aka Bug ID CSCuj81713.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ Webex Meetings Server Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.38%	0.567

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4	8	2.9	AV:N/AC:L/Au:S/C:P/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3303

Vendor Advisory

http://www.securityfocus.com/bid/68910

Third Party Advisory

VDB Entry

http://www.securitytracker.com/id/1030645

Third Party Advisory

VDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/94893

https://nvd.nist.gov/vuln/detail/CVE-2014-3303

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-3303

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-3303

EUVD