Published: 29/08/2014 Updated: 29/08/2017

CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8

VMScore: 356

Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

A vulnerability in the URL redirection of Cisco Intelligent Automation for Cloud could allow an authenticated, remote malicious user to obtain sensitive information. The vulnerability is due to improper sanitization of redirect URLs. An attacker could exploit this vulnerability by submitting crafted URLs. Cisco has confirmed the vulnerability in a security notice; however, software updates are not available. After a successful exploit, the attacker could redirect a targeted user to a malicious site in an attempt to obtain sensitive information.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco cloud portal -

A vulnerability in the URL redirection of Cisco Intelligent Automation for Cloud could allow an authenticated, remote attacker to obtain sensitive information The vulnerability is due to improper sanitization of redirect URLs An attacker could exploit this vulnerability by submitting crafted URLs Cisco has confirmed the vulnerability in a secu ...

CWE-264 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3350 http://www.securitytracker.com/id/1030784 http://www.securityfocus.com/bid/69457 https://exchange.xforce.ibmcloud.com/vulnerabilities/95587 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20140829-CVE-2014-3350

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2014-3350

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect