Detections
Analytics

CVE-2014-3367

medium

Description

Cross-site scripting (XSS) vulnerability in the vCloud Director component in Cisco Nexus 1000V InterCloud for VMware allows remote attackers to inject arbitrary web script or HTML via an unspecified value, aka Bug ID CSCuq90524.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/96126

http://www.securitytracker.com/id/1030881

http://www.securityfocus.com/bid/70010

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3367

http://secunia.com/advisories/61426

Details

Source: Mitre, NVD

Published: 2014-09-20

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Severity: Medium

EPSS

EPSS: 0.0034