CVE-2014-3303

Sažetak

The web framework in Cisco WebEx Meetings Server does not properly restrict the content of query strings, which allows remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history, aka Bug ID CSCuj81713.

Reference

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3303
http://www.securityfocus.com/bid/68910
http://www.securitytracker.com/id/1030645
https://exchange.xforce.ibmcloud.com/vulnerabilities/94893

CVSS

Base:	4.0
Impact:	2.9
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:S/C:P/I:N/A:N

Zadnje važnije ažuriranje

29-08-2017 - 01:34

Objavljeno

28-07-2014 - 17:55