CVE-2014-3301Sensitive Information Exposure in Cisco Webex Meetings Server

CWE-200Sensitive Information Exposure4 documents4 sources
Severity
5.0MEDIUMNVD
EPSS
0.6%
top 30.29%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Webex Meetings Server
Timeline
PublishedJul 26
Latest updateMay 17

Description

The ProfileAction controller in Cisco WebEx Meetings Server (CWMS) 1.5(.1.131) and earlier allows remote attackers to obtain sensitive information by reading stack traces in returned messages, aka Bug ID CSCuj81700.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDcisco/webex_meetings_server1.5\(.1.131\)+2

🔴Vulnerability Details

2
GHSA
GHSA-wr8c-v7j8-rh39: The ProfileAction controller in Cisco WebEx Meetings Server (CWMS) 12022-05-17
CVEList
CVE-2014-3301: The ProfileAction controller in Cisco WebEx Meetings Server (CWMS) 12014-07-26

📋Vendor Advisories

1
Cisco
Cisco WebEx Meetings Server Stack Trace Vulnerability2014-07-25
CVE-2014-3301 — Sensitive Information Exposure in Cisco | cvebase