Lucene search
CiscoCVE-2015-6266HistoryAug 28, 2015 - 3:59 p.m.
CVE-2015-6266
2015-08-2815:59:01
CWE-287
cisco
web.nvd.nist.gov
26
cisco
identity services engine
ise 3300
cve-2015-6266
bug id cscuo78045
information security
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.1
Confidence
Low
EPSS
0.003
Percentile
66.1%
The guest portal in Cisco Identity Services Engine (ISE) 3300 1.2(0.899) does not restrict access to uploaded HTML documents, which allows remote attackers to obtain sensitive information from customized documents via a direct request, aka Bug ID CSCuo78045.
Affected configurations
Node
ciscoidentity_services_engine_softwareMatch1.2\(0.899\)
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | identity_services_engine_software | 1.2(0.899) | cpe:2.3:a:cisco:identity_services_engine_software:1.2\(0.899\):*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2015-6266
2015-08-28 15:59:01
prion
prion
Design/Logic Flaw
2015-08-28 15:59:00
cisco
cisco
cvelist
cvelist
CVE-2015-6266
2015-08-28 14:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.1
Confidence
Low
EPSS
0.003
Percentile
66.1%
Related for CVE-2015-6266