Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2014-2199

meetinginfo.do in Cisco WebEx Event Center, WebEx Meeting Center, WebEx Sales Center, WebEx Training Center, WebEx Meetings Server 1.5(.1.131) and earlier, and WebEx Business Suite (WBS) 27 before 27.32.31.16, 28 before 28.12.13.18, and 29 before 29.5.1.12 allows remote attackers to obtain sensitive meeting information by leveraging knowledge of a meeting identifier, aka Bug IDs CSCuo68624 and CSCue46738.

Published

2014-05-20T11:13:37.657

Last Modified

2025-04-12T10:46:40.837

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 5.0 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: NONE
  • Availability Impact: NONE
Exploitability Score

10.0

Impact Score

2.9

Weaknesses
  • Type: Primary
    CWE-200
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application cisco webex_business_suite 27.0 Yes
Application cisco webex_business_suite 28.0 Yes
Application cisco webex_business_suite 29.0 Yes
Application cisco webex_event_center - Yes
Application cisco webex_meeting_center - Yes
Application cisco webex_meetings_server ≤ 1.5\(.1.131\) Yes
Application cisco webex_sales_center - Yes
Application cisco webex_training_center - Yes
References