Vulnerability Description
The web framework in Cisco WebEx Meeting Server does not properly restrict the content of reply messages, which allows remote attackers to obtain sensitive information via a crafted URL, aka Bug IDs CSCuj81685, CSCuj81688, CSCuj81665, CSCuj81744, and CSCuj81661.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Webex Meetings Server | - |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/58571Permissions Required
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3286Vendor Advisory
- http://www.securityfocus.com/bid/67922Third Party AdvisoryVDB Entry
- http://secunia.com/advisories/58571Permissions Required
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3286Vendor Advisory
- http://www.securityfocus.com/bid/67922Third Party AdvisoryVDB Entry
FAQ
What is CVE-2014-3286?
CVE-2014-3286 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The web framework in Cisco WebEx Meeting Server does not properly restrict the content of reply messages, which allows remote attackers to obtain sensitive information via a crafted URL, aka Bug IDs C...
How severe is CVE-2014-3286?
CVE-2014-3286 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-3286?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Webex Meetings Server.