CVE-2013-1139

The nsAPI interface in Cisco Cloud Portal 9.1 SP1 and SP2, and 9.3 through 9.3.2, does not properly check privileges, which allows remote authenticated users to obtain sensitive information via a crafted URL, aka Bug ID CSCud81134.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:P/I:N/A:N
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 37%
VendorProductVersion
ciscocloud_portal
9.1:sp1
ciscocloud_portal
9.1:sp2
ciscocloud_portal
9.3
ciscocloud_portal
9.3.1
ciscocloud_portal
9.3.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1139
http://tools.cisco.com/security/center/viewAlert.x?alertId=28387
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1139
http://tools.cisco.com/security/center/viewAlert.x?alertId=28387