Cisco

Cloud Portal

9 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2014-3352

  • EPSS 1.05%
  • Veröffentlicht 30.08.2014 09:55:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) 2008.3_SP9 and earlier does not properly consider whether a session is a problematic NULL session, which allows remote attackers to obtain sensitive information via crafted packets, rela...

4

CVE-2014-3349

  • EPSS 0.27%
  • Veröffentlicht 29.08.2014 09:55:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) does not validate file types during the handling of file submission, which allows remote authenticated users to upload arbitrary files via a crafted request, aka Bug ID CSCuh87410.

4

CVE-2014-3350

  • EPSS 0.27%
  • Veröffentlicht 29.08.2014 09:55:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) does not properly implement URL redirection, which allows remote authenticated users to obtain sensitive information via a crafted URL, aka Bug ID CSCuh84870.

5

CVE-2014-3351

  • EPSS 0.27%
  • Veröffentlicht 29.08.2014 09:55:08
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) does not properly consider whether a session is a problematic NULL session, which allows remote attackers to obtain sensitive information via crafted packets, aka Bug IDs CSCuh87398 and ...

4

CVE-2014-3297

  • EPSS 0.44%
  • Veröffentlicht 02.07.2014 10:35:25
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cisco Intelligent Automation for Cloud in Cisco Cloud Portal does not properly restrict the content of MyServices action URLs, which allows remote authenticated users to obtain sensitive information by reading (1) web-server access logs, (2) web-serv...

4

CVE-2014-3298

  • EPSS 0.31%
  • Veröffentlicht 02.07.2014 10:35:25
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Form Data Viewer in Cisco Intelligent Automation for Cloud in Cisco Cloud Portal places passwords in form data, which allows remote authenticated users to obtain sensitive information by reading HTML source code, aka Bug ID CSCui36976.

5

CVE-2014-0694

  • EPSS 0.25%
  • Veröffentlicht 14.03.2014 10:55:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Intelligent Automation for Cloud (IAC) in Cisco Cloud Portal 9.4.1 and earlier includes a cryptographic key in binary files, which makes it easier for remote attackers to obtain cleartext data from an arbitrary IAC installation by leveraging knowledg...

5

CVE-2013-6708

  • EPSS 0.97%
  • Veröffentlicht 10.12.2013 06:14:55
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cisco Cloud Portal 9.4 allows remote attackers to read files of unspecified types via a direct request, aka Bug IDs CSCuj08426 and CSCui60889.

4

CVE-2013-1139

  • EPSS 0.15%
  • Veröffentlicht 27.02.2013 00:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The nsAPI interface in Cisco Cloud Portal 9.1 SP1 and SP2, and 9.3 through 9.3.2, does not properly check privileges, which allows remote authenticated users to obtain sensitive information via a crafted URL, aka Bug ID CSCud81134.