CVE-2014-3301

Published: Jul 26, 2014Modified: May 6, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

The ProfileAction controller in Cisco WebEx Meetings Server (CWMS) 1.5(.1.131) and earlier allows remote attackers to obtain sensitive information by reading stack traces in returned messages, aka Bug ID CSCuj81700.

Affected (3)

Products: Cisco: Webex Meetings Server

Cisco

1 product

Webex Meetings Server

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Cisco Webex Meetings Server	Up to 1.5\(.1.131\)
Cisco Webex Meetings Server	Version 1.5
Cisco Webex Meetings Server	Version 1.5(.1.6)

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (12)

http://secunia.com/advisories/60573

Source: psirt@cisco.com

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3301

Source: psirt@cisco.com

Vendor Advisory

http://tools.cisco.com/security/center/viewAlert.x?alertId=35040

Source: psirt@cisco.com

Vendor Advisory

http://www.securityfocus.com/bid/68894

Source: psirt@cisco.com

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1030642

Source: psirt@cisco.com

Third Party AdvisoryVDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/94895

Source: psirt@cisco.com

http://secunia.com/advisories/60573