CVE-2014-3296

Published: Jun 21, 2014Modified: May 6, 2026

4.0

Vector

AV:N/AC:L/Au:S/C:P/I:N/A:N

Exploitability: 8.0 / Impact: 2.9

Source: NVD

Description

The XML programmatic interface (XML PI) in Cisco WebEx Meeting Server 1.5(.1.131) and earlier allows remote authenticated users to obtain sensitive meeting information via a crafted URL, aka Bug ID CSCum03527.

Affected (2)

Products: Cisco: Webex Meetings Server

Cisco

1 product

Webex Meetings Server

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Cisco Webex Meetings Server	Up to 1.5\(.1.131\)
Cisco Webex Meetings Server	Version 1.5(.1.6)

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (8)

http://secunia.com/advisories/59263

Source: psirt@cisco.com

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3296

Source: psirt@cisco.com

Vendor Advisory

http://tools.cisco.com/security/center/viewAlert.x?alertId=34663

Source: psirt@cisco.com

Vendor Advisory

http://www.securityfocus.com/bid/68118

Source: psirt@cisco.com

Third Party AdvisoryVDB Entry

http://secunia.com/advisories/59263

Source: af854a3a-2127-422b-91ae-364da2661108

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3296

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://tools.cisco.com/security/center/viewAlert.x?alertId=34663

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/68118

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.