CVE-2014-3302CVE-2014-3302

Affected configuration(s):

cpe:/a:cisco:webex_meetings_server:1.5
cpe:/a:cisco:webex_meetings_server:1.5%28.1.6%29
cpe:/a:cisco:webex_meetings_server:1.5%28.1.131%29

Date published: 2014-08-01T01:12:51.963-04:00

Date last modified: 2017-08-28T21:34:41.263-04:00

CVSS Score: 5.8

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL: http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3302

Summary: user.php in Cisco WebEx Meetings Server 1.5(.1.131) and earlier does not properly implement the token timer for authenticated encryption, which allows remote attackers to obtain sensitive information via a crafted URL, aka Bug ID CSCuj81708.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.