Cross-Site Scripting Vulnerability in Cisco Nexus 1000V InterCloud for VMware
CVE-2014-3367

Currently unrated

Key Information:

Vendor: Cisco
Status: Cisco Nexus 1000v Intercloud
Vendor: CVE Published:; 20 September 2014

Summary

The vulnerability present in the vCloud Director component of Cisco Nexus 1000V InterCloud for VMware allows remote attackers to exploit the system through injection of arbitrary web scripts or HTML. This vulnerability arises due to an insufficient validation of user input, which enables attackers to execute malicious scripts within a web application context, potentially compromising user data and security integrity.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/96126

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/70010

vdb-entryx_refsource_BID

http://www.securitytracker.com/id/1030881

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Sep 20, 2014
Vulnerability Reserved
May 7, 2014