The OutlookAction Class in Cisco WebEx Meetings Server allows remote attackers to enumerate user accounts by entering crafted URLs and examining the returned messages, aka Bug ID CSCuj81722.
References
Link | Resource |
---|---|
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3304 | Vendor Advisory |
http://www.securitytracker.com/id/1030641 | Third Party Advisory VDB Entry |
http://www.securityfocus.com/bid/68911 | Third Party Advisory VDB Entry |
https://exchange.xforce.ibmcloud.com/vulnerabilities/94880 |
Configurations
Information
Published : 2014-07-28 10:55
Updated : 2017-08-28 18:34
NVD link : CVE-2014-3304
Mitre link : CVE-2014-3304
JSON object : View
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
Products Affected
cisco
- webex_meetings_server