CVE-2014-2199

Published May 20, 2014

Last updated 3 months ago

CVSS info 5.0

Overview

Description: meetinginfo.do in Cisco WebEx Event Center, WebEx Meeting Center, WebEx Sales Center, WebEx Training Center, WebEx Meetings Server 1.5(.1.131) and earlier, and WebEx Business Suite (WBS) 27 before 27.32.31.16, 28 before 28.12.13.18, and 29 before 29.5.1.12 allows remote attackers to obtain sensitive meeting information by leveraging knowledge of a meeting identifier, aka Bug IDs CSCuo68624 and CSCue46738.
Source: ykramarz@cisco.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-200

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:webex_business_suite:27.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2CAD4B10-275C-4C1B-95C6-3805104CBE8B"
          },
          {
            "criteria": "cpe:2.3:a:cisco:webex_business_suite:28.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B7544AE0-77D7-45CB-B49C-B060F9B51DDC"
          },
          {
            "criteria": "cpe:2.3:a:cisco:webex_business_suite:29.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "320608BF-D0C5-4245-A200-613CB5BB185B"
          },
          {
            "criteria": "cpe:2.3:a:cisco:webex_event_center:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "83E6A0CF-0BB4-447B-B061-E4DADDD88209"
          },
          {
            "criteria": "cpe:2.3:a:cisco:webex_meeting_center:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4C046194-A216-4728-BAD9-4B675820F9F9"
          },
          {
            "criteria": "cpe:2.3:a:cisco:webex_meetings_server:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DFBF4BC9-68A8-4AF2-88C3-EDADB721B6C8",
            "versionEndIncluding": "1.5\\(.1.131\\)"
          },
          {
            "criteria": "cpe:2.3:a:cisco:webex_sales_center:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EFA5880C-52BA-47D2-9CAB-45C3FA6FCB52"
          },
          {
            "criteria": "cpe:2.3:a:cisco:webex_training_center:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D11FA31-28A2-47C6-9030-97A250951899"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References