CVE-2014-3305

Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco WebEx Meetings Server 1.5(.1.131) and earlier allows remote attackers to hijack the authentication of unspecified victims via unknown vectors, aka Bug ID CSCuj81735.
CSRF
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 41%
VendorProductVersion
ciscowebex_meetings_server
𝑥
≤ 1.5\(.1.131\)
ciscowebex_meetings_server
1.5
ciscowebex_meetings_server
1.5\(.1.6\)
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3305
http://tools.cisco.com/security/center/viewAlert.x?alertId=35051
http://www.securityfocus.com/bid/68903
http://www.securitytracker.com/id/1030644
https://exchange.xforce.ibmcloud.com/vulnerabilities/94894
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3305
http://tools.cisco.com/security/center/viewAlert.x?alertId=35051
http://www.securityfocus.com/bid/68903
http://www.securitytracker.com/id/1030644
https://exchange.xforce.ibmcloud.com/vulnerabilities/94894