Information Disclosure in Cisco Cloud Portal
CVE-2013-1139
Currently unrated
Summary
The nsAPI interface in Cisco Cloud Portal versions 9.1 SP1, 9.1 SP2, and 9.3 through 9.3.2 contains a flaw in privilege checking, which allows remote authenticated users to exploit this vulnerability. By crafting specific URLs, attackers can gain unauthorized access to sensitive information stored within the system, representing a significant risk to data confidentiality. This highlights a critical need for diligent access controls and regular audits to safeguard against potential exploitation.
References
Timeline
Vulnerability Reserved
Vulnerability published