SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   Cisco Cloud Portal Vendors:   Cisco
Cisco Cloud Portal Input Validation Flaw Permits URL Redirection Attacks
SecurityTracker Alert ID:  1030784
SecurityTracker URL:  http://securitytracker.com/id/1030784
CVE Reference:   CVE-2014-3350   (Links to External Site)
Date:  Aug 29 2014
Impact:   Disclosure of user information, Modification of user information
Vendor Confirmed:  Yes  

Description:   A vulnerability was reported in Cisco Cloud Portal. A remote user can conduct URL redirection attacks.

A remote user can create a specially crafted URL that, when loaded by a target user, will redirect the target user's browser to an arbitrary site. This can be exploited to obtain potentially sensitive information.

The vendor has assigned bug ID CSCuh84870 to this vulnerability.

Impact:   A remote user can redirect the target user's browser to an arbitrary site to obtain potentially sensitive information.
Solution:   No solution was available at the time of this entry.

The vendor's advisory is available at:

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3350

Vendor URL:  tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3350 (Links to External Site)
Cause:   Input validation error

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC