CVE-2014-3352

Currently unrated

Key Information:

Vendor: Cisco
Status: Cloud Portal
Vendor: CVE Published:; 30 August 2014

Summary

Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) 2008.3_SP9 and earlier does not properly consider whether a session is a problematic NULL session, which allows remote attackers to obtain sensitive information via crafted packets, related to an "iFrame vulnerability," aka Bug ID CSCuh84801.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/95605

vdb-entryx_refsource_XF

http://tools.cisco.com/security/center/viewAlert.x?alertI...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/69458

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Aug 30, 2014
Vulnerability Reserved
May 7, 2014