VAR-201408-0171
Vulnerability from variot - Updated: 2025-04-13 23:39Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) does not properly consider whether a session is a problematic NULL session, which allows remote attackers to obtain sensitive information via crafted packets, aka Bug IDs CSCuh87398 and CSCuh87380. Vendors have confirmed this vulnerability Bug ID CSCuh87398 ,and CSCuh87380 It is released as.A third party may be able to obtain important information via a crafted packet. Attackers can exploit this issue to retrieve sensitive information. Information harvested may aid in launching further attacks. This issue is tracked by Cisco Bug IDs CSCuh87398 and CSCuh87380. The solution provides effective IT management in cloud environments and supports all cloud models as well as virtual and physical infrastructures
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201408-0171",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "cloud portal",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": null
},
{
"model": "cloud portal",
"scope": "lte",
"trust": 0.8,
"vendor": "cisco",
"version": "2008.3_sp9"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-003993"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-464"
},
{
"db": "NVD",
"id": "CVE-2014-3351"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:cisco:cloud_portal",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-003993"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "69456"
}
],
"trust": 0.3
},
"cve": "CVE-2014-3351",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2014-3351",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-71291",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-3351",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2014-3351",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201408-464",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-71291",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71291"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003993"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-464"
},
{
"db": "NVD",
"id": "CVE-2014-3351"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) does not properly consider whether a session is a problematic NULL session, which allows remote attackers to obtain sensitive information via crafted packets, aka Bug IDs CSCuh87398 and CSCuh87380. Vendors have confirmed this vulnerability Bug ID CSCuh87398 ,and CSCuh87380 It is released as.A third party may be able to obtain important information via a crafted packet. \nAttackers can exploit this issue to retrieve sensitive information. Information harvested may aid in launching further attacks. \nThis issue is tracked by Cisco Bug IDs CSCuh87398 and CSCuh87380. The solution provides effective IT management in cloud environments and supports all cloud models as well as virtual and physical infrastructures",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3351"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003993"
},
{
"db": "BID",
"id": "69456"
},
{
"db": "VULHUB",
"id": "VHN-71291"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-3351",
"trust": 2.8
},
{
"db": "BID",
"id": "69456",
"trust": 1.4
},
{
"db": "SECUNIA",
"id": "60960",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1030782",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003993",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201408-464",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-71291",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71291"
},
{
"db": "BID",
"id": "69456"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003993"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-464"
},
{
"db": "NVD",
"id": "CVE-2014-3351"
}
]
},
"id": "VAR-201408-0171",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-71291"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-13T23:39:09.621000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Cisco Intelligent Automation for Cloud Enumeration Vulnerability",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3351"
},
{
"title": "35476",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=35476"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-003993"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71291"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003993"
},
{
"db": "NVD",
"id": "CVE-2014-3351"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2014-3351"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/69456"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1030782"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/60960"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95585"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3351"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3351"
},
{
"trust": 0.3,
"url": "http://www.cisco.com"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71291"
},
{
"db": "BID",
"id": "69456"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003993"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-464"
},
{
"db": "NVD",
"id": "CVE-2014-3351"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-71291"
},
{
"db": "BID",
"id": "69456"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-003993"
},
{
"db": "CNNVD",
"id": "CNNVD-201408-464"
},
{
"db": "NVD",
"id": "CVE-2014-3351"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-08-29T00:00:00",
"db": "VULHUB",
"id": "VHN-71291"
},
{
"date": "2014-08-28T00:00:00",
"db": "BID",
"id": "69456"
},
{
"date": "2014-09-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003993"
},
{
"date": "2014-08-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201408-464"
},
{
"date": "2014-08-29T09:55:08.290000",
"db": "NVD",
"id": "CVE-2014-3351"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-29T00:00:00",
"db": "VULHUB",
"id": "VHN-71291"
},
{
"date": "2014-09-01T00:04:00",
"db": "BID",
"id": "69456"
},
{
"date": "2014-09-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-003993"
},
{
"date": "2014-09-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201408-464"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2014-3351"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201408-464"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Intelligent Automation for Cloud Vulnerability in which important information is obtained",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-003993"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201408-464"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…