CVE-2014-3349

Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) does not validate file types during the handling of file submission, which allows remote authenticated users to upload arbitrary files via a crafted request, aka Bug ID CSCuh87410.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:N/I:P/A:N
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 49%
VendorProductVersion
ciscocloud_portal
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3349
http://www.securityfocus.com/bid/69455
http://www.securitytracker.com/id/1030783
https://exchange.xforce.ibmcloud.com/vulnerabilities/95586
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3349
http://www.securityfocus.com/bid/69455
http://www.securitytracker.com/id/1030783
https://exchange.xforce.ibmcloud.com/vulnerabilities/95586