Vulnerability Details CVE-2014-3349
Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) does not validate file types during the handling of file submission, which allows remote authenticated users to upload arbitrary files via a crafted request, aka Bug ID CSCuh87410.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.9%
CVSS Severity
CVSS v2 Score 4.0
References
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3349
- http://www.securityfocus.com/bid/69455
- http://www.securitytracker.com/id/1030783
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95586
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3349
- http://www.securityfocus.com/bid/69455
- http://www.securitytracker.com/id/1030783
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95586
Products affected by CVE-2014-3349
-
cpe:2.3:a:cisco:cloud_portal:-