Cisco Intelligent Automation for Cloud (aka Cisco Cloud Portal) 2008.3_SP9 and earlier does not properly consider whether a session is a problematic NULL session, which allows remote attackers to obtain sensitive information via crafted packets, related to an "iFrame vulnerability," aka Bug ID CSCuh84801.
https://exchange.xforce.ibmcloud.com/vulnerabilities/95605
http://www.securitytracker.com/id/1030785
http://www.securityfocus.com/bid/69458
http://tools.cisco.com/security/center/viewAlert.x?alertId=35479
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3352