Vulnerability Name:

CVE-2014-0691 (CCN-134097)

Assigned:2014-01-02
Published:2014-01-02
Updated:2017-11-14
Summary:Cisco WebEx Meetings Server before 1.1 uses meeting IDs with insufficient entropy, which makes it easier for remote attackers to bypass authentication and join arbitrary meetings without a password, aka Bug ID CSCuc79643.
CVSS v3 Severity:7.3 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
6.4 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-331
Vulnerability Consequences:Bypass Security
References:Source: MITRE
Type: CNA
CVE-2014-0691

Source: XF
Type: UNKNOWN
cisco-cve20140691-sec-bypass(134097)

Source: CCN
Type: Cisco Web site
Release Notes for Cisco WebEx Meetings Server Release 1.1

Source: CONFIRM
Type: Release Notes, Vendor Advisory
https://www.cisco.com/c/en/us/td/docs/collaboration/CWMS/1_1/b_Release_Notes.html

Vulnerable Configuration:Configuration 1:
  • cpe:/a:cisco:webex_meetings_server:*:*:*:*:*:*:*:* (Version <= 1.0)

  • Configuration CCN 1:
  • cpe:/a:cisco:webex_meetings_server:*:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20140691
    V
    CVE-2014-0691
    2022-09-02
    oval:org.opensuse.security:def:124107
    P
    kernel-default-4.12.14-94.41.1 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:123709
    P
    kernel-default-4.12.14-94.41.1 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:1
    P
    Mesa-20.2.4-57.13 on GA media (Moderate)
    2022-06-13
    oval:org.opensuse.security:def:103
    P
    libXdmcp-devel-1.1.2-1.23 on GA media (Moderate)
    2022-06-13
    oval:org.opensuse.security:def:112505
    P
    kernel-debug-4.8.13-1.1 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:105998
    P
    kernel-debug-4.8.13-1.1 on GA media (Moderate)
    2021-10-01
    oval:org.opensuse.security:def:47300
    P
    kernel-default-4.4.73-5.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:87697
    P
    kernel-default-4.12.14-94.41.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:13859
    P
    kernel-default-4.4.21-69.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:47656
    P
    kernel-default-4.12.14-94.41.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:14180
    P
    kernel-default-4.4.73-5.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:80389
    P
    kernel-default-4.4.21-69.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:46979
    P
    kernel-default-4.4.21-69.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:14536
    P
    kernel-default-4.12.14-94.41.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:83606
    P
    kernel-default-4.4.73-5.1 on GA media (Moderate)
    2021-08-16
    oval:org.opensuse.security:def:1768
    P
    Security update for bluez (Moderate)
    2021-07-12
    oval:org.opensuse.security:def:15970
    P
    kernel-docs-4.4.21-69.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:48915
    P
    kernel-default-extra-4.12.14-94.41.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:13569
    P
    kernel-default-3.12.49-11.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:11843
    P
    kernel-default-4.4.21-69.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:77790
    P
    kernel-default-4.12.14-94.41.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:1979
    P
    reiserfs-kmp-default-4.12.14-23.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:17059
    P
    kernel-default-extra-3.12.49-11.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:63103
    P
    kernel-default-livepatch-4.12.14-23.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:15333
    P
    kernel-default-4.4.21-69.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:48728
    P
    kernel-default-extra-3.12.49-11.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:12778
    P
    cluster-md-kmp-default-4.4.73-5.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:46447
    P
    kernel-default-3.12.28-4.3 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:36428
    P
    kernel-docs-3.0.101-63.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:76862
    P
    kernel-default-3.12.49-11.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:16203
    P
    kernel-docs-4.4.73-5.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:61192
    P
    kernel-default-4.12.14-23.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:12155
    P
    kernel-default-4.4.73-5.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:70933
    P
    kernel-default-4.12.14-23.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:2014
    P
    kernel-default-livepatch-4.12.14-23.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:124467
    P
    kernel-docs-4.12.14-94.41.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:17112
    P
    kernel-default-extra-4.4.21-69.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:63543
    P
    kernel-default-extra-4.12.14-23.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:15587
    P
    kernel-docs-3.12.28-4.6 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:48781
    P
    kernel-default-extra-4.4.21-69.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:12788
    P
    cluster-md-kmp-default-4.12.14-94.41.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:46689
    P
    kernel-default-3.12.49-11.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:11328
    P
    kernel-default-3.12.28-4.6 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:77139
    P
    kernel-default-4.4.21-69.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:16461
    P
    kernel-docs-4.12.14-94.41.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:62857
    P
    kernel-docs-4.12.14-23.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:48453
    P
    kernel-default-4.4.21-69.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:12494
    P
    kernel-default-4.12.14-94.41.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:72576
    P
    kernel-docs-4.12.14-23.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:2454
    P
    kernel-default-extra-4.12.14-23.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:124707
    P
    kernel-default-extra-4.12.14-94.41.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:17176
    P
    kernel-default-extra-4.4.73-5.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:15766
    P
    kernel-docs-3.12.49-11.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:48845
    P
    kernel-default-extra-4.4.73-5.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:13327
    P
    kernel-default-3.12.28-4.3 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:11566
    P
    kernel-default-3.12.49-11.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:77451
    P
    kernel-default-4.4.73-5.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:123983
    P
    cluster-md-kmp-default-4.12.14-94.41.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:17009
    P
    kernel-default-extra-3.12.28-4.6 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:63068
    P
    reiserfs-kmp-default-4.12.14-23.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:48678
    P
    kernel-default-extra-3.12.28-4.6 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:12768
    P
    cluster-md-kmp-default-4.4.21-69.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:42571
    P
    kernel-default-3.0.101-63.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:36164
    P
    kernel-default-3.0.101-63.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:76624
    P
    kernel-default-3.12.28-4.6 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:17246
    P
    kernel-default-extra-4.12.14-94.41.1 on GA media (Moderate)
    2021-06-08
    BACK
    cisco webex meetings server *
    cisco webex meetings server *