Sensitive Data Exposure in Cisco Intelligent Automation for Cloud
CVE-2014-3298

Currently unrated

Key Information:

Vendor: Cisco
Status: Cloud Portal
Vendor: CVE Published:; 2 July 2014

What is CVE-2014-3298?

The Form Data Viewer in Cisco Intelligent Automation for Cloud exposes sensitive information by embedding passwords in HTML form data. This vulnerability allows remote authenticated users to access and read the source code of web pages, potentially leading to unauthorized information disclosure. Users of the affected product should apply the necessary updates to mitigate this risk.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://tools.cisco.com/security/center/viewAlert.x?alertI...

x_refsource_CONFIRM

http://secunia.com/advisories/58985

third-party-advisoryx_refsource_SECUNIA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 2, 2014
Vulnerability Reserved
May 7, 2014