CVE-2014-3297

Currently unrated

Key Information:

Vendor: Cisco
Status: Cloud Portal
Vendor: CVE Published:; 2 July 2014

Summary

Cisco Intelligent Automation for Cloud in Cisco Cloud Portal does not properly restrict the content of MyServices action URLs, which allows remote authenticated users to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history, aka Bug IDs CSCui36937, CSCui37004, and CSCui36927.

References

http://secunia.com/advisories/59401

third-party-advisoryx_refsource_SECUNIA

http://tools.cisco.com/security/center/viewAlert.x?alertI...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/68308

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Jul 2, 2014
Vulnerability Reserved
May 7, 2014