Lucene search

CiscoCVE-2013-5525

HistoryOct 10, 2013 - 10:55 a.m.

CVE-2013-5525

2013-10-1010:55:06

CWE-89

cisco

web.nvd.nist.gov

cve-2013-5525

sql injection

cisco

ise

remote authentication

vulnerability

bug id cscug90502

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

AI Score

8.2

Confidence

High

EPSS

0.003

Percentile

70.6%

JSON

SQL injection vulnerability in the web framework in Cisco Identity Services Engine (ISE) 1.2 and earlier allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCug90502.

Affected configurations

Nvd

Node

ciscoidentity_services_engine_softwareRange≤1.2

ciscoidentity_services_engine_softwareMatch1.0

ciscoidentity_services_engine_softwareMatch1.1

VendorProductVersionCPE
ciscoidentity_services_engine_software*cpe:2.3:a:cisco:identity_services_engine_software:*:*:*:*:*:*:*:*
ciscoidentity_services_engine_software1.0cpe:2.3:a:cisco:identity_services_engine_software:1.0:*:*:*:*:*:*:*
ciscoidentity_services_engine_software1.1cpe:2.3:a:cisco:identity_services_engine_software:1.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	identity_services_engine_software	*	cpe:2.3:a:cisco:identity_services_engine_software::::::::
cisco	identity_services_engine_software	1.0	cpe:2.3:a:cisco:identity_services_engine_software:1.0:::::::*
cisco	identity_services_engine_software	1.1	cpe:2.3:a:cisco:identity_services_engine_software:1.1:::::::*

References

osvdb.org/98167

secunia.com/advisories/55098

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5525

tools.cisco.com/security/center/viewAlert.x?alertId=31160

www.securitytracker.com/id/1029156

exchange.xforce.ibmcloud.com/vulnerabilities/87723

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

AI Score

8.2

Confidence

High

EPSS

0.003

Percentile

70.6%

JSON

Related for CVE-2013-5525