Lucene search
K
CiscoCloud Portal

9 matches found

CVE
CVE
added 2014/07/02 10:0 a.m.52 views

CVE-2014-3297

Cisco Intelligent Automation for Cloud in Cisco Cloud Portal contains a vulnerability in the MyServices action URLs where sensitive information can be exposed due to improper content restrictions. An authenticated, remote attacker could read sensitive data from web-server access logs, Referer log...

4CVSS6AI score0.01783EPSS
CVE
CVE
added 2014/03/14 10:0 a.m.49 views

CVE-2014-0694

Cisco Intelligent Automation for Cloud (IAC) in Cisco Cloud Portal 9.4.1 and earlier contains fixed cryptographic material in binary files, enabling remote attackers to obtain cleartext data from any IAC installation with knowledge of the embedded key. Impact is confidential data leakage due to c...

5CVSS6.9AI score0.01173EPSS
CVE
CVE
added 2014/07/02 10:0 a.m.49 views

CVE-2014-3298

The CVE-2014-3298 issue affects Cisco Intelligent Automation for Cloud, specifically the Cloud Portal’s Form Data Viewer Utility. The root cause is that passwords are placed in form data and can be read from the HTML source of the vulnerable page, enabling an authenticated, remote attacker to obt...

4CVSS5.8AI score0.01638EPSS
CVE
CVE
added 2014/08/29 10:0 a.m.46 views

CVE-2014-3350

Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) is affected by CVE-2014-3350 due to improper sanitization of redirect URLs, enabling an authenticated remote attacker to obtain sensitive information via crafted URLs. The issue arises from URL redirection handling in the product. Th...

4CVSS5.8AI score0.01638EPSS
CVE
CVE
added 2014/08/30 10:0 a.m.45 views

CVE-2014-3352

CVE-2014-3352 affects Cisco Intelligent Automation for Cloud (Cisco Cloud Portal) 2008.3_SP9 and earlier. The root cause is improper handling of certain NULL sessions, leading to an information disclosure via crafted packets (the so-called iFrame vulnerability, Bug CSCuh84801). An unauthenticated...

4.3CVSS6.4AI score0.02824EPSS
CVE
CVE
added 2013/12/10 2:0 a.m.41 views

CVE-2013-6708

Cisco Cloud Portal 9.4 contains an unauthenticated file download flaw where an attacker can read files via direct browser request due to insufficient access controls. The issue is documented in CVE-2013-6708 and Cisco’s advisory (Cisco-SA-20131209-CVE-2013-6708). Affected component is the web int...

5CVSS6.8AI score0.03023EPSS
CVE
CVE
added 2014/08/29 10:0 a.m.41 views

CVE-2014-3351

Cisco Intelligent Automation for Cloud (Cisco Cloud Portal) is affected by CVE-2014-3351 due to a failure to properly validate NULL sessions. An unauthenticated, remote attacker could send crafted packets to an affected device and view sensitive information, per Cisco’s advisory (Bug IDs CSCuh873...

5CVSS6.4AI score0.02949EPSS
CVE
CVE
added 2014/08/29 10:0 a.m.40 views

CVE-2014-3349

Cisco Intelligent Automation for Cloud (Cisco Cloud Portal) suffers an arbitrary file upload vulnerability due to insufficient input validation of file types during file submission. An authenticated, remote attacker could submit a crafted file to an affected device, enabling arbitrary file upload...

4CVSS6.6AI score0.01626EPSS
CVE
CVE
added 2013/02/27 12:0 a.m.38 views

CVE-2013-1139

The CVE-2013-1139 issue affects Cisco Cloud Portal nsAPI interface in 9.1 SP1/SP2 and 9.3–9.3.2. It does not properly check privileges, enabling remote authenticated users to obtain sensitive information via a crafted URL (Bug CSCud81134). Documents show affected versions and the root cause (insu...

4CVSS5.8AI score0.00937EPSS