Information Disclosure in Cisco Cloud Portal
CVE-2014-3351

Currently unrated

Key Information:

Vendor: Cisco
Status: Cloud Portal
Vendor: CVE Published:; 29 August 2014

What is CVE-2014-3351?

The Cisco Intelligent Automation for Cloud allows remote attackers to exploit a flaw where the system fails to properly assess the validity of incoming sessions. This oversight can permit unauthorized users to send crafted packets, thereby gaining access to sensitive data. This vulnerability significantly raises the risk of information exposure within the affected environment.

References

http://secunia.com/advisories/60960

third-party-advisoryx_refsource_SECUNIA

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://www.securityfocus.com/bid/69456

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 29, 2014
Vulnerability Reserved
May 7, 2014