Vulnerability Description
meetinginfo.do in Cisco WebEx Event Center, WebEx Meeting Center, WebEx Sales Center, WebEx Training Center, WebEx Meetings Server 1.5(.1.131) and earlier, and WebEx Business Suite (WBS) 27 before 27.32.31.16, 28 before 28.12.13.18, and 29 before 29.5.1.12 allows remote attackers to obtain sensitive meeting information by leveraging knowledge of a meeting identifier, aka Bug IDs CSCuo68624 and CSCue46738.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Webex Business Suite | 27.0 |
| Cisco | Webex Event Center | - |
| Cisco | Webex Meeting Center | - |
| Cisco | Webex Meetings Server | <= 1.5\(.1.131\) |
| Cisco | Webex Sales Center | - |
| Cisco | Webex Training Center | - |
Related Weaknesses (CWE)
References
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2199Vendor Advisory
- http://tools.cisco.com/security/center/viewAlert.x?alertId=34252Vendor Advisory
- http://www.securitytracker.com/id/1030251Third Party AdvisoryVDB Entry
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2199Vendor Advisory
- http://tools.cisco.com/security/center/viewAlert.x?alertId=34252Vendor Advisory
- http://www.securitytracker.com/id/1030251Third Party AdvisoryVDB Entry
FAQ
What is CVE-2014-2199?
CVE-2014-2199 is a vulnerability with a CVSS score of 5.0 (MEDIUM). meetinginfo.do in Cisco WebEx Event Center, WebEx Meeting Center, WebEx Sales Center, WebEx Training Center, WebEx Meetings Server 1.5(.1.131) and earlier, and WebEx Business Suite (WBS) 27 before 27....
How severe is CVE-2014-2199?
CVE-2014-2199 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-2199?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Webex Business Suite, Cisco Webex Event Center, Cisco Webex Meeting Center, Cisco Webex Meetings Server, Cisco Webex Sales Center.