Lucene search

[email protected]CVE-2013-5504

HistorySep 30, 2013 - 5:09 p.m.

CVE-2013-5504

2013-09-3017:09:25

CWE-79

[email protected]

web.nvd.nist.gov

cisco

ise

xss

vulnerability

security

nvd

cve-2013-5504

5.9 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

58.6%

JSON

Cross-site scripting (XSS) vulnerability in the Mobile Device Management (MDM) portal in Cisco Identity Services Engine (ISE) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCui30266.

Affected configurations

NVD

Node

ciscoidentity_services_engine_softwareMatch-

CPENameOperatorVersion
cisco:identity_services_engine_softwarecisco identity services engine softwareeq-

CPE	Name	Operator	Version
cisco:identity_services_engine_software	cisco identity services engine software	eq	-

References

osvdb.org/97877

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5504

tools.cisco.com/security/center/viewAlert.x?alertId=31007

www.securityfocus.com/bid/62694

www.securitytracker.com/id/1029110

exchange.xforce.ibmcloud.com/vulnerabilities/87531

5.9 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

58.6%

JSON

Related for CVE-2013-5504

prion1 cisco1 cvelist1 nvd1