CVE-2014-1664
GoToMeeting for Android - Multiple Local Information Disclosure Vulnerabilities
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
2Exploited in Wild
-Decision
Descriptions
The Citrix GoToMeeting application 5.0.799.1238 for Android logs HTTP requests containing sensitive information, which allows attackers to obtain user IDs, meeting details, and authentication tokens via an application that reads the system log file.
La aplicación Citrix GoToMeeting v5.0.799.1238 para Android registra las peticiones HTTP que contienen información sensible, lo que permite a atacantes remotos obtener IDs de usuario, detalles de las reuniones, y tokens de autenticación a través de una aplicación que lea el fichero de registro del sistema.
GoToMeeting Android application (com.citrixonline.android.gotomeeting-1.apk) version 5.0.799.1238 is vulnerable to information disclosure via logging output, resulting in the leak of userID, meeting details, and authentication tokens. Android applications with permissions to read system log files may obtain the leaked information.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2014-01-23 CVE Reserved
- 2014-01-23 First Exploit
- 2014-01-26 CVE Published
- 2024-08-06 CVE Updated
- 2024-08-13 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| http://osvdb.org/102559 | Vdb Entry | |
| http://www.securityfocus.com/archive/1/530879/100/0/threaded | Mailing List | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/90695 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/39061 | 2014-01-23 | |
| http://www.securityfocus.com/bid/65123 | 2024-08-06 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Citrix Search vendor "Citrix" | Gotomeeting Search vendor "Citrix" for product "Gotomeeting" | 5.0.799.1238 Search vendor "Citrix" for product "Gotomeeting" and version "5.0.799.1238" | android |
Affected
| ||||||