Lucene search
HistoryOct 03, 2022 - 4:14 p.m.
CVE-2013-5538
cve-2013-5538
cisco
identity services engine
ise
sponsor portal
weak permissions
remote attackers
nvd
vulnerability
6.9 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.002 Low
EPSS
Percentile
55.8%
The Sponsor Portal in Cisco Identity Services Engine (ISE) uses weak permissions for uploaded files, which allows remote attackers to read arbitrary files via a direct request, aka Bug ID CSCui67506.
Affected configurations
Node
ciscoidentity_services_engine_softwareMatch-
ciscoidentity_services_engineMatch-
Related
cvelist
cvelist
CVE-2013-5538
2022-10-03 16:14:54
cisco
cisco
Cisco Identity Services Engine Sponsor Portal File Access Vulnerability
2013-10-16 20:16:41
prion
prion
Design/Logic Flaw
2013-10-16 10:52:00
nvd
nvd
CVE-2013-5538
2013-10-16 10:52:45
6.9 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.002 Low
EPSS
Percentile
55.8%
Related for CVE-2013-5538