Lucene search
HistoryMay 26, 2014 - 12:25 a.m.
CVE-2014-3275
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7.8
Confidence
Low
EPSS
0.002
Percentile
55.3%
SQL injection vulnerability in the web framework in Cisco Identity Services Engine (ISE) 1.2(.1 patch 2) and earlier allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCul21337.
Affected configurations
Node
ciscoidentity_services_engine_softwareRange≤1.2
ORciscoidentity_services_engine_softwareMatch1.0
ORciscoidentity_services_engine_softwareMatch1.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | identity_services_engine_software | * | cpe:2.3:a:cisco:identity_services_engine_software:*:*:*:*:*:*:*:* |
| cisco | identity_services_engine_software | 1.0 | cpe:2.3:a:cisco:identity_services_engine_software:1.0:*:*:*:*:*:*:* |
| cisco | identity_services_engine_software | 1.1 | cpe:2.3:a:cisco:identity_services_engine_software:1.1:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2014-3275
2014-05-23 22:00:00
prion
prion
Sql injection
2014-05-26 00:25:00
cisco
cisco
Cisco Identity Services Engine Blind SQL Injection Vulnerability
2014-05-22 15:54:18
cve
cve
CVE-2014-3275
2014-05-26 00:25:31
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7.8
Confidence
Low
EPSS
0.002
Percentile
55.3%
Related for NVD:CVE-2014-3275