The nsAPI interface in Cisco Cloud Portal 9.1 SP1 and SP2, and 9.3 up to and including 9.3.2, does not properly check privileges, which allows remote authenticated users to obtain sensitive information via a crafted URL, aka Bug ID CSCud81134.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco cloud portal 9.1 |
||
cisco cloud portal 9.3 |
||
cisco cloud portal 9.3.2 |
||
cisco cloud portal 9.3.1 |