Cloud Portal

cloud_portal

Vendor: Cisco • 9 CVEs

CVEs (9)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2014-3352 1Cisco 1Cloud Portal May 6, 2026 Aug 30, 2014 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) 2008.3_SP9 and earlier does not properly consider whether a session is a problematic NULL session, which allows remote attackers to obtain sensitive informa...Show more Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) 2008.3_SP9 and earlier does not properly consider whether a session is a problematic NULL session, which allows remote attackers to obtain sensitive information via crafted packets, related to an "iFrame vulnerability," aka Bug ID CSCuh84801.Show less
CVE-2014-3351 1Cisco 1Cloud Portal May 6, 2026 Aug 29, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) does not properly consider whether a session is a problematic NULL session, which allows remote attackers to obtain sensitive information via crafted packet...Show more Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) does not properly consider whether a session is a problematic NULL session, which allows remote attackers to obtain sensitive information via crafted packets, aka Bug IDs CSCuh87398 and CSCuh87380.Show less
CVE-2014-3350 1Cisco 1Cloud Portal May 6, 2026 Aug 29, 2014 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) does not properly implement URL redirection, which allows remote authenticated users to obtain sensitive information via a crafted URL, aka Bug ID CSCuh8487...Show more Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) does not properly implement URL redirection, which allows remote authenticated users to obtain sensitive information via a crafted URL, aka Bug ID CSCuh84870.Show less
CVE-2014-3349 1Cisco 1Cloud Portal May 6, 2026 Aug 29, 2014 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) does not validate file types during the handling of file submission, which allows remote authenticated users to upload arbitrary files via a crafted request...Show more Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) does not validate file types during the handling of file submission, which allows remote authenticated users to upload arbitrary files via a crafted request, aka Bug ID CSCuh87410.Show less
CVE-2014-3298 1Cisco 1Cloud Portal May 6, 2026 Jul 2, 2014 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Form Data Viewer in Cisco Intelligent Automation for Cloud in Cisco Cloud Portal places passwords in form data, which allows remote authenticated users to obtain sensitive information by reading HTML source code, aka Bug...Show more Form Data Viewer in Cisco Intelligent Automation for Cloud in Cisco Cloud Portal places passwords in form data, which allows remote authenticated users to obtain sensitive information by reading HTML source code, aka Bug ID CSCui36976.Show less
CVE-2014-3297 1Cisco 1Cloud Portal May 6, 2026 Jul 2, 2014 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Cisco Intelligent Automation for Cloud in Cisco Cloud Portal does not properly restrict the content of MyServices action URLs, which allows remote authenticated users to obtain sensitive information by reading (1) web-se...Show more Cisco Intelligent Automation for Cloud in Cisco Cloud Portal does not properly restrict the content of MyServices action URLs, which allows remote authenticated users to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history, aka Bug IDs CSCui36937, CSCui37004, and CSCui36927.Show less
CVE-2014-0694 1Cisco 1Cloud Portal May 6, 2026 Mar 14, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Intelligent Automation for Cloud (IAC) in Cisco Cloud Portal 9.4.1 and earlier includes a cryptographic key in binary files, which makes it easier for remote attackers to obtain cleartext data from an arbitrary IAC insta...Show more Intelligent Automation for Cloud (IAC) in Cisco Cloud Portal 9.4.1 and earlier includes a cryptographic key in binary files, which makes it easier for remote attackers to obtain cleartext data from an arbitrary IAC installation by leveraging knowledge of this key, aka Bug IDs CSCui34764, CSCui34772, CSCui34776, CSCui34798, CSCui34800, CSCui34805, CSCui34809, CSCui34810, CSCui34813, CSCui34814, and CSCui34818.Show less
CVE-2013-6708 1Cisco 1Cloud Portal Apr 29, 2026 Dec 10, 2013 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Cisco Cloud Portal 9.4 allows remote attackers to read files of unspecified types via a direct request, aka Bug IDs CSCuj08426 and CSCui60889.
CVE-2013-1139 1Cisco 1Cloud Portal Apr 29, 2026 Feb 27, 2013 N/A· v4 N/A· v3 4.0 MEDIUM· v2 The nsAPI interface in Cisco Cloud Portal 9.1 SP1 and SP2, and 9.3 through 9.3.2, does not properly check privileges, which allows remote authenticated users to obtain sensitive information via a crafted URL, aka Bug ID...Show more The nsAPI interface in Cisco Cloud Portal 9.1 SP1 and SP2, and 9.3 through 9.3.2, does not properly check privileges, which allows remote authenticated users to obtain sensitive information via a crafted URL, aka Bug ID CSCud81134.Show less