CVE-2014-3303

Cisco WebEx Meetings Server - Exposure of Sensitive Information via Query String

Title source: llm
STIX 2.1

Description

The web framework in Cisco WebEx Meetings Server does not properly restrict the content of query strings, which allows remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history, aka Bug ID CSCuj81713.

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/94893
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1030645
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/68910

Scores

EPSS 0.0203
EPSS Percentile 78.7%

Details

CWE
CWE-200
Status published
Products (1)
cisco/webex_meetings_server
Published Jul 28, 2014
Tracked Since Feb 18, 2026