Vulnerability Details CVE-2014-3298
Form Data Viewer in Cisco Intelligent Automation for Cloud in Cisco Cloud Portal places passwords in form data, which allows remote authenticated users to obtain sensitive information by reading HTML source code, aka Bug ID CSCui36976.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 53.3%
CVSS Severity
CVSS v2 Score 4.0
References
- http://secunia.com/advisories/58985
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3298
- http://tools.cisco.com/security/center/viewAlert.x?alertId=34833
- http://www.securityfocus.com/bid/68309
- http://www.securitytracker.com/id/1030511
- http://secunia.com/advisories/58985
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3298
- http://tools.cisco.com/security/center/viewAlert.x?alertId=34833
- http://www.securityfocus.com/bid/68309
- http://www.securitytracker.com/id/1030511
Products affected by CVE-2014-3298
-
cpe:2.3:a:cisco:cloud_portal:-