| Vulnerability Name: | CVE-2014-2199 (CCN-93172) | ||||||||
| Assigned: | 2014-05-15 | ||||||||
| Published: | 2014-05-15 | ||||||||
| Updated: | 2016-09-07 | ||||||||
| Summary: | meetinginfo.do in Cisco WebEx Event Center, WebEx Meeting Center, WebEx Sales Center, WebEx Training Center, WebEx Meetings Server 1.5(.1.131) and earlier, and WebEx Business Suite (WBS) 27 before 27.32.31.16, 28 before 28.12.13.18, and 29 before 29.5.1.12 allows remote attackers to obtain sensitive meeting information by leveraging knowledge of a meeting identifier, aka Bug IDs CSCuo68624 and CSCue46738. | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
| ||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N) 3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-200 | ||||||||
| Vulnerability Consequences: | Obtain Information | ||||||||
| References: | Source: MITRE Type: CNA CVE-2014-2199 Source: CCN Type: Cisco Security Notice WebEx Meeting Information Disclosure Vulnerability in meetinginfo.do Source: CISCO Type: Vendor Advisory 20140515 WebEx Meeting Information Disclosure Vulnerability in meetinginfo.do Source: CONFIRM Type: Vendor Advisory http://tools.cisco.com/security/center/viewAlert.x?alertId=34252 Source: CCN Type: BID-67424 Cisco WebEx Business Suite 'meetinginfo.do' Information Disclosure Vulnerability Source: SECTRACK Type: Third Party Advisory, VDB Entry 1030251 Source: XF Type: UNKNOWN cisco-webex-cve20142199-info-disc(93172) | ||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
| BACK | |||||||||