Lucene search
CiscoCVE-2013-5541HistoryOct 16, 2013 - 10:52 a.m.
CVE-2013-5541
2013-10-1610:52:45
CWE-79
cisco
web.nvd.nist.gov
23
cisco
ise
xss
cve-2013-5541
vulnerability
file upload
remote authenticated
web script
html
bug id cscui67495
nvd
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
AI Score
5.3
Confidence
High
EPSS
0.001
Percentile
30.3%
Cross-site scripting (XSS) vulnerability in the file-upload interface in Cisco Identity Services Engine (ISE) allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename, aka Bug ID CSCui67495.
Affected configurations
Node
ciscoidentity_services_engine_softwareMatch-
ciscoidentity_services_engineMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | identity_services_engine_software | - | cpe:2.3:a:cisco:identity_services_engine_software:-:*:*:*:*:*:*:* |
| cisco | identity_services_engine | - | cpe:2.3:h:cisco:identity_services_engine:-:*:*:*:*:*:*:* |
Related
prion
prion
Cross site scripting
2013-10-16 10:52:00
cisco
cisco
Cisco Identity Services Engine Upload Filename Validation Vulnerability
2013-10-16 16:20:09
cvelist
cvelist
CVE-2013-5541
2013-10-16 10:00:00
nvd
nvd
CVE-2013-5541
2013-10-16 10:52:45
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
AI Score
5.3
Confidence
High
EPSS
0.001
Percentile
30.3%
Related for CVE-2013-5541