CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2014-3301
https://notcve.org/view.php?id=CVE-2014-3301
26 Jul 2014 — The ProfileAction controller in Cisco WebEx Meetings Server (CWMS) 1.5(.1.131) and earlier allows remote attackers to obtain sensitive information by reading stack traces in returned messages, aka Bug ID CSCuj81700. El controlador ProfileAction en Cisco WebEx Meetings Server (CWMS) 1.5(.1.131) y anteriores permite a atacantes remotos obtener información sensible mediante la lectura de trazas de la pila en mensajes devueltos, también conocido como Bug ID CSCuj81700. • http://secunia.com/advisories/60573 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2014-3305
https://notcve.org/view.php?id=CVE-2014-3305
26 Jul 2014 — Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco WebEx Meetings Server 1.5(.1.131) and earlier allows remote attackers to hijack the authentication of unspecified victims via unknown vectors, aka Bug ID CSCuj81735. Vulnerabilidad de CSRF en el Framework web en Cisco WebEx Meetings Server 1.5(.1.131) y anteriores permite a atacantes remotos secuestrar la autenticación de victimas no especificadas a través de vectores desconocidos, también conocido como Bug ID CSCuj81735. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3305 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2014-3296
https://notcve.org/view.php?id=CVE-2014-3296
21 Jun 2014 — The XML programmatic interface (XML PI) in Cisco WebEx Meeting Server 1.5(.1.131) and earlier allows remote authenticated users to obtain sensitive meeting information via a crafted URL, aka Bug ID CSCum03527. La interfaz programática XML (XML PI) en Cisco WebEx Meeting Server 1.5(.1.131) y anteriores permite a usuarios remotos autenticados obtener información sensible de reuniones a través de una URL manipulada, también conocido como Bug ID CSCum03527. • http://secunia.com/advisories/59263 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0CVE-2014-2199
https://notcve.org/view.php?id=CVE-2014-2199
20 May 2014 — meetinginfo.do in Cisco WebEx Event Center, WebEx Meeting Center, WebEx Sales Center, WebEx Training Center, WebEx Meetings Server 1.5(.1.131) and earlier, and WebEx Business Suite (WBS) 27 before 27.32.31.16, 28 before 28.12.13.18, and 29 before 29.5.1.12 allows remote attackers to obtain sensitive meeting information by leveraging knowledge of a meeting identifier, aka Bug IDs CSCuo68624 and CSCue46738. meetinginfo.do en Cisco WebEx Event Center, WebEx Meeting Center, WebEx Sales Center, WebEx Training Ce... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2199 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •