CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2014-3305
https://notcve.org/view.php?id=CVE-2014-3305
Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco WebEx Meetings Server 1.5(.1.131) and earlier allows remote attackers to hijack the authentication of unspecified victims via unknown vectors, aka Bug ID CSCuj81735. Vulnerabilidad de CSRF en el Framework web en Cisco WebEx Meetings Server 1.5(.1.131) y anteriores permite a atacantes remotos secuestrar la autenticación de victimas no especificadas a través de vectores desconocidos, también conocido como Bug ID CSCuj81735. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3305 http://tools.cisco.com/security/center/viewAlert.x?alertId=35051 http://www.securityfocus.com/bid/68903 http://www.securitytracker.com/id/1030644 https://exchange.xforce.ibmcloud.com/vulnerabilities/94894 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0CVE-2014-3301
https://notcve.org/view.php?id=CVE-2014-3301
The ProfileAction controller in Cisco WebEx Meetings Server (CWMS) 1.5(.1.131) and earlier allows remote attackers to obtain sensitive information by reading stack traces in returned messages, aka Bug ID CSCuj81700. El controlador ProfileAction en Cisco WebEx Meetings Server (CWMS) 1.5(.1.131) y anteriores permite a atacantes remotos obtener información sensible mediante la lectura de trazas de la pila en mensajes devueltos, también conocido como Bug ID CSCuj81700. • http://secunia.com/advisories/60573 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3301 http://tools.cisco.com/security/center/viewAlert.x?alertId=35040 http://www.securityfocus.com/bid/68894 http://www.securitytracker.com/id/1030642 https://exchange.xforce.ibmcloud.com/vulnerabilities/94895 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.0EPSS: 0%CPEs: 2EXPL: 0CVE-2014-3296
https://notcve.org/view.php?id=CVE-2014-3296
The XML programmatic interface (XML PI) in Cisco WebEx Meeting Server 1.5(.1.131) and earlier allows remote authenticated users to obtain sensitive meeting information via a crafted URL, aka Bug ID CSCum03527. La interfaz programática XML (XML PI) en Cisco WebEx Meeting Server 1.5(.1.131) y anteriores permite a usuarios remotos autenticados obtener información sensible de reuniones a través de una URL manipulada, también conocido como Bug ID CSCum03527. • http://secunia.com/advisories/59263 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3296 http://tools.cisco.com/security/center/viewAlert.x?alertId=34663 http://www.securityfocus.com/bid/68118 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.0EPSS: 0%CPEs: 8EXPL: 0CVE-2014-2199
https://notcve.org/view.php?id=CVE-2014-2199
meetinginfo.do in Cisco WebEx Event Center, WebEx Meeting Center, WebEx Sales Center, WebEx Training Center, WebEx Meetings Server 1.5(.1.131) and earlier, and WebEx Business Suite (WBS) 27 before 27.32.31.16, 28 before 28.12.13.18, and 29 before 29.5.1.12 allows remote attackers to obtain sensitive meeting information by leveraging knowledge of a meeting identifier, aka Bug IDs CSCuo68624 and CSCue46738. meetinginfo.do en Cisco WebEx Event Center, WebEx Meeting Center, WebEx Sales Center, WebEx Training Center, WebEx Meetings Server 1.5(.1.131) y anteriores y WebEx Business Suite (WBS) 27 anterior a 27.32.31.16, 28 anterior a 28.12.13.18 y 29 anterior a 29.5.1.12 permite a atacantes remotos obtener información sensible de reuniones mediante el aprovechamiento de conocimiento de un identificador de reunión, también conocido como Bug IDs CSCuo68624 y CSCue46738. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2199 http://tools.cisco.com/security/center/viewAlert.x?alertId=34252 http://www.securitytracker.com/id/1030251 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •