NVD

Id
31554  
Name
CVE-2014-3352  
Description
Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) 2008.3_SP9 and earlier does not properly consider whether a session is a problematic NULL session, which allows remote attackers to obtain sensitive information via crafted packets, related to an "iFrame vulnerability," aka Bug ID CSCuh84801.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:N/A:N)  
Pub Date
2017-01-19  
Published
2014-08-30  
Modified Date
2017-01-06  
Seq
2014-3352  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
165393 31554 CVE-2014-3352 60956  View
165394 31554 CVE-2014-3352 20140828 Cisco Intelligent Automation for Cloud iFrame Vulnerability  View
165395 31554 CVE-2014-3352 http://tools.cisco.com/security/center/viewAlert.x?alertId=35479  View
165396 31554 CVE-2014-3352 69458  View
165397 31554 CVE-2014-3352 1030785  View
165398 31554 CVE-2014-3352 cisco-iac-cve20143352-info-disc(95605)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
15133 JVNDB-2014-004008 Cisco Intelligent Automation for Cloud における重要な情報を取得される脆弱性 Cisco Intelligent Automation for Cloud (別名 Cisco Cloud Portal) は、セッションが問題のある NULL セッションかどうかを適切に考慮しないため、重要な情報を取得される脆弱性が存在します。 CVE-2014-3352 70640 CVE-2014-3352 31554 4.3 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-004008.html 2014-08-29 2014-09-03 View