CVE-2014-3349

Cisco Cloud Portal - Authenticated Arbitrary File Upload via File Submission

Title source: llm
STIX 2.1

Description

Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) does not validate file types during the handling of file submission, which allows remote authenticated users to upload arbitrary files via a crafted request, aka Bug ID CSCuh87410.

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1030783
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/95586
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/69455

Scores

EPSS 0.0163
EPSS Percentile 73.3%

Details

CWE
CWE-20
Status published
Products (1)
cisco/cloud_portal
Published Aug 29, 2014
Tracked Since Feb 18, 2026