Vulnerabilites related to citrix - gotomeeting
Vulnerability from fkie_nvd
Published
2014-01-26 20:55
Modified
2024-11-21 02:04
Severity ?
Summary
The Citrix GoToMeeting application 5.0.799.1238 for Android logs HTTP requests containing sensitive information, which allows attackers to obtain user IDs, meeting details, and authentication tokens via an application that reads the system log file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| citrix | gotomeeting | 5.0.799.1238 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:citrix:gotomeeting:5.0.799.1238:-:-:*:-:android:*:*",
"matchCriteriaId": "28D5BDBC-FF51-4C80-9916-17AC9B80984B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Citrix GoToMeeting application 5.0.799.1238 for Android logs HTTP requests containing sensitive information, which allows attackers to obtain user IDs, meeting details, and authentication tokens via an application that reads the system log file."
},
{
"lang": "es",
"value": "La aplicaci\u00f3n Citrix GoToMeeting v5.0.799.1238 para Android registra las peticiones HTTP que contienen informaci\u00f3n sensible, lo que permite a atacantes remotos obtener IDs de usuario, detalles de las reuniones, y tokens de autenticaci\u00f3n a trav\u00e9s de una aplicaci\u00f3n que lea el fichero de registro del sistema."
}
],
"id": "CVE-2014-1664",
"lastModified": "2024-11-21T02:04:47.450",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-01-26T20:55:06.720",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/102559"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/530879/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/65123"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90695"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/102559"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/530879/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/65123"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90695"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2014-1664
Vulnerability from cvelistv5
Published
2014-01-26 20:00
Modified
2024-08-06 09:50
Severity ?
EPSS score ?
Summary
The Citrix GoToMeeting application 5.0.799.1238 for Android logs HTTP requests containing sensitive information, which allows attackers to obtain user IDs, meeting details, and authentication tokens via an application that reads the system log file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/65123 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/archive/1/530879/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/90695 | vdb-entry, x_refsource_XF | |
| http://osvdb.org/102559 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:50:11.078Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "65123",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/65123"
},
{
"name": "20140124 [CVE-2014-1664] GoToMeeting Information Disclosure via Logging Output (Android)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/530879/100/0/threaded"
},
{
"name": "gotomeeting-cve20141664-info-disc(90695)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90695"
},
{
"name": "102559",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/102559"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-01-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Citrix GoToMeeting application 5.0.799.1238 for Android logs HTTP requests containing sensitive information, which allows attackers to obtain user IDs, meeting details, and authentication tokens via an application that reads the system log file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "65123",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/65123"
},
{
"name": "20140124 [CVE-2014-1664] GoToMeeting Information Disclosure via Logging Output (Android)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/530879/100/0/threaded"
},
{
"name": "gotomeeting-cve20141664-info-disc(90695)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90695"
},
{
"name": "102559",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/102559"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-1664",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Citrix GoToMeeting application 5.0.799.1238 for Android logs HTTP requests containing sensitive information, which allows attackers to obtain user IDs, meeting details, and authentication tokens via an application that reads the system log file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "65123",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65123"
},
{
"name": "20140124 [CVE-2014-1664] GoToMeeting Information Disclosure via Logging Output (Android)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/530879/100/0/threaded"
},
{
"name": "gotomeeting-cve20141664-info-disc(90695)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90695"
},
{
"name": "102559",
"refsource": "OSVDB",
"url": "http://osvdb.org/102559"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-1664",
"datePublished": "2014-01-26T20:00:00",
"dateReserved": "2014-01-23T00:00:00",
"dateUpdated": "2024-08-06T09:50:11.078Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}