CVE-2014-2347

Amtelco miSecureMessages <6.2 - Info Disclosure

Title source: llm

Description

Amtelco miSecureMessages (aka MSM) 6.2 does not properly manage sessions, which allows remote authenticated users to obtain sensitive information via a modified message request.

Exploits (1)

exploitdb WORKING POC

by Jared Bird · textwebappsmultiple

https://www.exploit-db.com/exploits/33019

View Code ZIP pw:eip

References (3)

Core 3

Core References

Various Sources x_refsource_misc

https://service.amtelco.com/INFINITY/MSM/MSM6.2SecurityBriefing.pdf

US Government Resource

http://ics-cert.us-cert.gov/advisories/ICSA-14-121-01

Third Party Advisory, US Government Resource

https://www.cisa.gov/news-events/ics-advisories/icsa-14-121-01

Scores

EPSS 0.0795

EPSS Percentile 92.1%

Details

CWE

CWE-200 CWE-264

Status published

Products (2)

amtelco/misecuremessages 6.2

AMTELCO/miSecureMessages 6.2

Published May 06, 2014

Tracked Since Feb 18, 2026