CVE-2014-3303 Information

Description

The web framework in Cisco WebEx Meetings Server does not properly restrict the content of query strings which allows remote attackers to obtain sensitive information by reading (1) web-server access logs (2) web-server Referer logs or (3) the browser history aka Bug ID CSCuj81713.

Reference

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3303 http://www.securityfocus.com/bid/68910 http://www.securitytracker.com/id/1030645 https://exchange.xforce.ibmcloud.com/vulnerabilities/94893