Published: 30/08/2014 Updated: 29/08/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) 2008.3_SP9 and previous versions does not properly consider whether a session is a problematic NULL session, which allows remote malicious users to obtain sensitive information via crafted packets, related to an "iFrame vulnerability," aka Bug ID CSCuh84801.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco cloud portal 2008.3
cisco cloud portal 9.1
cisco cloud portal 9.4
cisco cloud portal 9.3.2
cisco cloud portal
cisco cloud portal 9.3.1
cisco cloud portal 9.3

A vulnerability in Cisco Intelligent Automation for Cloud could allow an unauthenticated, remote attacker to view sensitive information The vulnerability is due to a failure to properly check for certain NULL sessions An attacker could exploit this vulnerability by submitting crafted packets to an affected device Cisco has confirmed the vulner ...

CWE-20 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3352 http://tools.cisco.com/security/center/viewAlert.x?alertId=35479 http://www.securitytracker.com/id/1030785 http://www.securityfocus.com/bid/69458 http://secunia.com/advisories/60956 https://exchange.xforce.ibmcloud.com/vulnerabilities/95605 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20140829-CVE-2014-3352

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2014-3352

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect