nvd-json-data-feeds/CVE-2014/CVE-2014-32xx/CVE-2014-3298.json

{
  "id": "CVE-2014-3298",
  "sourceIdentifier": "ykramarz@cisco.com",
  "published": "2014-07-02T10:35:25.597",
  "lastModified": "2015-12-03T18:38:09.607",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "Form Data Viewer in Cisco Intelligent Automation for Cloud in Cisco Cloud Portal places passwords in form data, which allows remote authenticated users to obtain sensitive information by reading HTML source code, aka Bug ID CSCui36976."
    },
    {
      "lang": "es",
      "value": "Form Data Viewer en Cisco Intelligent Automation for Cloud en Cisco Cloud Portal coloca contrase\u00f1as en datos de formularios, lo que permite a usuarios remotos autenticados obtener informaci\u00f3n sensible mediante la lectura del c\u00f3digo fuente HTML, tambi\u00e9n conocido como Bug ID CSCui36976."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "SINGLE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.0
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-255"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:cisco:cloud_portal:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CD287F4-D184-48A5-B8F4-FE0D14AE0EBE"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3298",
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=34833",
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://www.securityfocus.com/bid/68309",
      "source": "ykramarz@cisco.com"
    },
    {
      "url": "http://www.securitytracker.com/id/1030511",
      "source": "ykramarz@cisco.com"
    }
  ]
}