Lucene search

[email protected]NVD:CVE-2013-5505

HistorySep 30, 2013 - 5:09 p.m.

CVE-2013-5505

2013-09-3017:09:25

CWE-79

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.003

Percentile

68.2%

JSON

Cross-site scripting (XSS) vulnerability in an administration page in Cisco Identity Services Engine (ISE) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCui30275.

Affected configurations

Nvd

Node

ciscoidentity_services_engine_softwareMatch-

VendorProductVersionCPE
ciscoidentity_services_engine_software-cpe:2.3:a:cisco:identity_services_engine_software:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	identity_services_engine_software	-	cpe:2.3:a:cisco:identity_services_engine_software:-:::::::*

References

osvdb.org/97875

secunia.com/advisories/54626

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5505

tools.cisco.com/security/center/viewAlert.x?alertId=31008

www.securityfocus.com/bid/62693

www.securitytracker.com/id/1029111

exchange.xforce.ibmcloud.com/vulnerabilities/87530

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.003

Percentile

68.2%

JSON

Related for NVD:CVE-2013-5505

cvelist1 cve1 prion1 cisco1