CVE-2014-3305

Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco WebEx Meetings Server 1.5(.1.131) and earlier allows remote attackers to hijack the authentication of unspecified victims via unknown vectors, aka Bug ID CSCuj81735.

Published: Jul 26, 2014
Updated: Apr 13, 2023
CVE: CVE-2014-3305
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-352

Affected Software
References

Software	From	Fixed in
cisco / webex_meetings_server	1.5(.1.6)	1.5(.1.6).x
cisco / webex_meetings_server	1.5	1.5.x
cisco / webex_meetings_server	-	1.5\(.1.131\).x

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3305
http://tools.cisco.com/security/center/viewAlert.x?alertId=35051
http://www.securityfocus.com/bid/68903
http://www.securitytracker.com/id/1030644
https://exchange.xforce.ibmcloud.com/vulnerabilities/94894

Vulnerability Database

289,599

CVE-2014-3305