{"api_version":"1","generated_at":"2026-05-05T22:54:57+00:00","cve":"CVE-2014-3298","urls":{"html":"https://cve.report/CVE-2014-3298","api":"https://cve.report/api/cve/CVE-2014-3298.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2014-3298","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2014-3298"},"summary":{"title":"CVE-2014-3298","description":"Form Data Viewer in Cisco Intelligent Automation for Cloud in Cisco Cloud Portal places passwords in form data, which allows remote authenticated users to obtain sensitive information by reading HTML source code, aka Bug ID CSCui36976.","state":"PUBLIC","assigner":"psirt@cisco.com","published_at":"2014-07-02 10:35:00","updated_at":"2015-12-03 18:38:00"},"problem_types":["CWE-255"],"metrics":[],"references":[{"url":"http://www.securityfocus.com/bid/68309","name":"68309","refsource":"BID","tags":[],"title":"Cisco Cloud Portal Form Data Viewer Multiple Information Disclosure Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3298","name":"20140701 Cisco Intelligent Automation for Cloud Form Data Viewer Utility Vulnerability","refsource":"CISCO","tags":["Vendor Advisory"],"title":"","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://secunia.com/advisories/58985","name":"58985","refsource":"SECUNIA","tags":[],"title":"Security Advisory SA58985 - Cisco Intelligent Automation for Cloud Multiple Information Disclosure Security Issues - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://tools.cisco.com/security/center/viewAlert.x?alertId=34833","name":"http://tools.cisco.com/security/center/viewAlert.x?alertId=34833","refsource":"CONFIRM","tags":["Vendor Advisory"],"title":"","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://www.securitytracker.com/id/1030511","name":"1030511","refsource":"SECTRACK","tags":[],"title":"Cisco Cloud Portal Discloses Passwords to Remote Authenticated Users - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2014-3298","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3298","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2014","cve_id":"3298","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"cloud_portal","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2014","cve_id":"3298","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"cloud_portal","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"psirt@cisco.com","ID":"CVE-2014-3298","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Form Data Viewer in Cisco Intelligent Automation for Cloud in Cisco Cloud Portal places passwords in form data, which allows remote authenticated users to obtain sensitive information by reading HTML source code, aka Bug ID CSCui36976."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"20140701 Cisco Intelligent Automation for Cloud Form Data Viewer Utility Vulnerability","refsource":"CISCO","url":"http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3298"},{"name":"http://tools.cisco.com/security/center/viewAlert.x?alertId=34833","refsource":"CONFIRM","url":"http://tools.cisco.com/security/center/viewAlert.x?alertId=34833"},{"name":"58985","refsource":"SECUNIA","url":"http://secunia.com/advisories/58985"},{"name":"68309","refsource":"BID","url":"http://www.securityfocus.com/bid/68309"},{"name":"1030511","refsource":"SECTRACK","url":"http://www.securitytracker.com/id/1030511"}]}},"nvd":{"publishedDate":"2014-07-02 10:35:00","lastModifiedDate":"2015-12-03 18:38:00","problem_types":["CWE-255"],"metrics":{"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:N/A:N","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":4},"severity":"MEDIUM","exploitabilityScore":8,"impactScore":2.9,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:cisco:cloud_portal:-:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2014","CveId":"3298","Ordinal":"70249","Title":"CVE-2014-3298","CVE":"CVE-2014-3298","Year":"2014"},"notes":[{"CveYear":"2014","CveId":"3298","Ordinal":"1","NoteData":"Form Data Viewer in Cisco Intelligent Automation for Cloud in Cisco Cloud Portal places passwords in form data, which allows remote authenticated users to obtain sensitive information by reading HTML source code, aka Bug ID CSCui36976.","Type":"Description","Title":null},{"CveYear":"2014","CveId":"3298","Ordinal":"2","NoteData":"2014-07-02","Type":"Other","Title":"Published"},{"CveYear":"2014","CveId":"3298","Ordinal":"3","NoteData":"2014-07-22","Type":"Other","Title":"Modified"}]}}}