1. Home
  2. CVE Database
  3. CVE-2014-3367
MEDIUM · 4.3

CVE-2014-3367

Cross-site scripting (XSS) vulnerability in the vCloud Director component in Cisco Nexus 1000V InterCloud for VMware allows remote attackers to inject arbitrary web script or HTML via an unspecified v...

Vulnerability Description

Cross-site scripting (XSS) vulnerability in the vCloud Director component in Cisco Nexus 1000V InterCloud for VMware allows remote attackers to inject arbitrary web script or HTML via an unspecified value, aka Bug ID CSCuq90524.

CVSS Score

4.3

MEDIUM

AV:N/AC:M/Au:N/C:N/I:P/A:N
Confidentiality
NONE
Integrity
PARTIAL
Availability
NONE

Affected Products

VendorProductVersions
CiscoCisco Nexus 1000V Intercloud-

Related Weaknesses (CWE)

CWE-79

References

FAQ

What is CVE-2014-3367?

CVE-2014-3367 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in the vCloud Director component in Cisco Nexus 1000V InterCloud for VMware allows remote attackers to inject arbitrary web script or HTML via an unspecified v...

How severe is CVE-2014-3367?

CVE-2014-3367 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2014-3367?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Cisco Nexus 1000V Intercloud.