CVE-2014-3349
Cisco Cloud Portal - Authenticated Arbitrary File Upload via File Submission
Title source: llmDescription
Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) does not validate file types during the handling of file submission, which allows remote authenticated users to upload arbitrary files via a crafted request, aka Bug ID CSCuh87410.
References (4)
Core 4
Core References
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3349
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1030783
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/95586
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/69455
Scores
EPSS
0.0163
EPSS Percentile
73.3%
Details
CWE
CWE-20
Status
published
Products (1)
cisco/cloud_portal
Published
Aug 29, 2014
Tracked Since
Feb 18, 2026