Lucene search
CiscoCVE-2013-3420HistoryOct 03, 2022 - 4:14 p.m.
CVE-2013-3420
2022-10-0316:14:46
CWE-352
cisco
web.nvd.nist.gov
22
cisco
ise
csrf
vulnerability
nvd
remote attack
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.4
Confidence
Low
EPSS
0.001
Percentile
35.9%
Cross-site request forgery (CSRF) vulnerability in the web framework on the Cisco Identity Services Engine (ISE) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuh25506.
Affected configurations
Node
ciscoidentity_services_engine_softwareMatch-
ciscoidentity_services_engineMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | identity_services_engine | - | cpe:/h:cisco:identity_services_engine:-::: |
| cisco | identity_services_engine_software | - | cpe:/a:cisco:identity_services_engine_software:-::: |
Related
cisco
cisco
Cisco Identity Services Engine Cross-Site Request Forgery Vulnerability
2013-07-17 13:46:56
nvd
nvd
CVE-2013-3420
2013-07-18 12:51:14
prion
prion
Cross site request forgery (csrf)
2013-07-18 12:51:00
cvelist
cvelist
CVE-2013-3420
2022-10-03 16:14:46
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.4
Confidence
Low
EPSS
0.001
Percentile
35.9%
Related for CVE-2013-3420