Lucene search
HistoryMay 26, 2014 - 12:25 a.m.
CVE-2014-3275
cve-2014-3275
sql injection
cisco
ise
security vulnerability
nvd
cve
8.1 High
AI Score
Confidence
High
6.5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
55.2%
SQL injection vulnerability in the web framework in Cisco Identity Services Engine (ISE) 1.2(.1 patch 2) and earlier allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCul21337.
Affected configurations
Node
ciscoidentity_services_engine_softwareRange≤1.2
ORciscoidentity_services_engine_softwareMatch1.0
ORciscoidentity_services_engine_softwareMatch1.1
Related
prion
prion
Sql injection
2014-05-26 00:25:00
cvelist
cvelist
CVE-2014-3275
2014-05-23 22:00:00
cisco
cisco
Cisco Identity Services Engine Blind SQL Injection Vulnerability
2014-05-22 15:54:18
nvd
nvd
CVE-2014-3275
2014-05-26 00:25:31
8.1 High
AI Score
Confidence
High
6.5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.002 Low
EPSS
Percentile
55.2%
Related for CVE-2014-3275