CVE-2013-1139 Information

Description

The nsAPI interface in Cisco Cloud Portal 9.1 SP1 and SP2 and 9.3 through 9.3.2 does not properly check privileges which allows remote authenticated users to obtain sensitive information via a crafted URL aka Bug ID CSCud81134.

Reference

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1139 http://tools.cisco.com/security/center/viewAlert.x?alertId=28387