Lucene search
CiscoCVE-2015-4268HistoryJul 14, 2015 - 5:59 p.m.
CVE-2015-4268
2015-07-1417:59:04
CWE-79
cisco
web.nvd.nist.gov
33
cve-2015-4268
cross-site scripting
xss
infra admin ui
cisco
identity services engine
ise
remote attack
bug id cscus16052
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.9
Confidence
High
EPSS
0.001
Percentile
43.4%
Multiple cross-site scripting (XSS) vulnerabilities in the Infra Admin UI in Cisco Identity Services Engine (ISE) 1.2(1.198) and 1.3(0.876) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in a (1) GET or (2) POST request, aka Bug ID CSCus16052.
Affected configurations
Node
ciscoidentity_services_engine_softwareMatch1.2\(1.198\)
ORciscoidentity_services_engine_softwareMatch1.3\(0.876\)
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | identity_services_engine_software | 1.2(1.198) | cpe:2.3:a:cisco:identity_services_engine_software:1.2\(1.198\):*:*:*:*:*:*:* |
| cisco | identity_services_engine_software | 1.3(0.876) | cpe:2.3:a:cisco:identity_services_engine_software:1.3\(0.876\):*:*:*:*:*:*:* |
Related
prion
prion
Cross site scripting
2015-07-14 17:59:00
cisco
cisco
Cisco Identity Services Engine Cross-Site Scripting Vulnerability
2015-07-13 16:11:53
nvd
nvd
CVE-2015-4268
2015-07-14 17:59:04
cvelist
cvelist
CVE-2015-4268
2015-07-14 17:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.9
Confidence
High
EPSS
0.001
Percentile
43.4%
Related for CVE-2015-4268