CVE-2014-3302

user.php in Cisco WebEx Meetings Server 1.5(.1.131) and earlier does not properly implement the token timer for authenticated encryption, which allows remote attackers to obtain sensitive information via a crafted URL, aka Bug ID CSCuj81708.

Severity	MEDIUM
CVSS	5.8
CWE	CWE-310
KEV
Published	11 years ago
Modified	1 week ago

Related Products

Product	Advisory	Evidence
Cisco Webex Meetings	Cisco-SA-20140725-CVE-2014-3302	Cisco OpenVuln
Cisco WebEx Meetings Server	Cisco-SA-20140725-CVE-2014-3302	Cisco OpenVuln