URL Composition Flaw in WebEx Meeting Center by Cisco
CVE-2014-0708

Currently unrated

Key Information:

Vendor: Cisco
Status: Webex Meeting Center
Vendor: CVE Published:; 21 March 2014

Summary

The WebEx Meeting Center within the Cisco WebEx Business Suite has a vulnerability related to its handling of HTTP GET requests. This flaw allows remote attackers to exploit improperly composed URLs, which can lead to unauthorized disclosure of sensitive information. Attackers could potentially access web-server access logs, Referer logs, or browser history, posing significant privacy risks to users. For more details, refer to the advisory from Cisco.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Mar 21, 2014
Vulnerability Reserved
Jan 2, 2014