CVE-2014-3351

Published: Aug 29, 2014Modified: May 6, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) does not properly consider whether a session is a problematic NULL session, which allows remote attackers to obtain sensitive information via crafted packets, aka Bug IDs CSCuh87398 and CSCuh87380.

Affected (1)

Products: Cisco: Cloud Portal

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Cisco Cloud Portal	All versions

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (10)

http://secunia.com/advisories/60960

Source: psirt@cisco.com

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3351

Source: psirt@cisco.com

Vendor Advisory

http://www.securityfocus.com/bid/69456

Source: psirt@cisco.com

http://www.securitytracker.com/id/1030782

Source: psirt@cisco.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/95585

Source: psirt@cisco.com

http://secunia.com/advisories/60960

Source: af854a3a-2127-422b-91ae-364da2661108

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3351

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/69456

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1030782

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/95585

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.