CVE-2014-3352

Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) 2008.3_SP9 and earlier does not properly consider whether a session is a problematic NULL session, which allows remote attackers to obtain sensitive information via crafted packets, related to an "iFrame vulnerability," aka Bug ID CSCuh84801.

Severity	MEDIUM
CVSS	4.3
EPSS	1.05% EPSS medium
CWE	CWE-20
KEV
Published	11 years ago
Modified	2 weeks ago

Public Affected Products

Product	Advisory	Evidence
Cisco Cloud Portal	Cisco-SA-20140829-CVE-2014-3352	Cisco CSAF · structured affected