Lucene search

CiscoCVE-2013-5540

HistoryOct 16, 2013 - 10:52 a.m.

CVE-2013-5540

2013-10-1610:52:45

CWE-399

cisco

web.nvd.nist.gov

cisco

ise

file upload

denial of service

disk consumption

administration interface

bug fix

cscui67519

nvd

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

AI Score

6.4

Confidence

High

EPSS

0.001

Percentile

44.4%

JSON

The file-upload feature in Cisco Identity Services Engine (ISE) allows remote authenticated users to cause a denial of service (disk consumption and administration-interface outage) by uploading many files, aka Bug ID CSCui67519.

Affected configurations

Nvd

Node

ciscoidentity_services_engine_softwareMatch-

AND

ciscoidentity_services_engineMatch-

VendorProductVersionCPE
ciscoidentity_services_engine_software-cpe:2.3:a:cisco:identity_services_engine_software:-:*:*:*:*:*:*:*
ciscoidentity_services_engine-cpe:2.3:h:cisco:identity_services_engine:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	identity_services_engine_software	-	cpe:2.3:a:cisco:identity_services_engine_software:-:::::::*
cisco	identity_services_engine	-	cpe:2.3:h:cisco:identity_services_engine:-:::::::*

References

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5540

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

AI Score

6.4

Confidence

High

EPSS

0.001

Percentile

44.4%

JSON

Related for CVE-2013-5540