Lucene search
K

5 matches found

CVE
CVE
added 2014/07/02 10:0 a.m.52 views

CVE-2014-3297

Cisco Intelligent Automation for Cloud in Cisco Cloud Portal contains a vulnerability in the MyServices action URLs where sensitive information can be exposed due to improper content restrictions. An authenticated, remote attacker could read sensitive data from web-server access logs, Referer log...

4CVSS6AI score0.01783EPSS
CVE
CVE
added 2014/07/02 10:0 a.m.49 views

CVE-2014-3298

The CVE-2014-3298 issue affects Cisco Intelligent Automation for Cloud, specifically the Cloud Portal’s Form Data Viewer Utility. The root cause is that passwords are placed in form data and can be read from the HTML source of the vulnerable page, enabling an authenticated, remote attacker to obt...

4CVSS5.8AI score0.01638EPSS
CVE
CVE
added 2014/08/29 10:0 a.m.46 views

CVE-2014-3350

Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) is affected by CVE-2014-3350 due to improper sanitization of redirect URLs, enabling an authenticated remote attacker to obtain sensitive information via crafted URLs. The issue arises from URL redirection handling in the product. Th...

4CVSS5.8AI score0.01638EPSS
CVE
CVE
added 2014/08/29 10:0 a.m.41 views

CVE-2014-3351

Cisco Intelligent Automation for Cloud (Cisco Cloud Portal) is affected by CVE-2014-3351 due to a failure to properly validate NULL sessions. An unauthenticated, remote attacker could send crafted packets to an affected device and view sensitive information, per Cisco’s advisory (Bug IDs CSCuh873...

5CVSS6.4AI score0.02949EPSS
CVE
CVE
added 2014/08/29 10:0 a.m.40 views

CVE-2014-3349

Cisco Intelligent Automation for Cloud (Cisco Cloud Portal) suffers an arbitrary file upload vulnerability due to insufficient input validation of file types during file submission. An authenticated, remote attacker could submit a crafted file to an affected device, enabling arbitrary file upload...

4CVSS6.6AI score0.01626EPSS