Lucene search

CiscoCVE-2013-5504

HistorySep 30, 2013 - 5:09 p.m.

CVE-2013-5504

2013-09-3017:09:25

CWE-79

cisco

web.nvd.nist.gov

cisco

ise

xss

vulnerability

security

nvd

cve-2013-5504

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.9

Confidence

High

EPSS

0.002

Percentile

58.7%

JSON

Cross-site scripting (XSS) vulnerability in the Mobile Device Management (MDM) portal in Cisco Identity Services Engine (ISE) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCui30266.

Affected configurations

Nvd

Node

ciscoidentity_services_engine_softwareMatch-

VendorProductVersionCPE
ciscoidentity_services_engine_software-cpe:2.3:a:cisco:identity_services_engine_software:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	identity_services_engine_software	-	cpe:2.3:a:cisco:identity_services_engine_software:-:::::::*

References

osvdb.org/97877

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5504

tools.cisco.com/security/center/viewAlert.x?alertId=31007

www.securityfocus.com/bid/62694

www.securitytracker.com/id/1029110

exchange.xforce.ibmcloud.com/vulnerabilities/87531

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.9

Confidence

High

EPSS

0.002

Percentile

58.7%

JSON

Related for CVE-2013-5504