Lucene search
HistoryJul 14, 2015 - 5:59 p.m.
CVE-2015-4268
cve-2015-4268
cross-site scripting
xss
infra admin ui
cisco
identity services engine
ise
remote attack
bug id cscus16052
5.9 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
43.3%
Multiple cross-site scripting (XSS) vulnerabilities in the Infra Admin UI in Cisco Identity Services Engine (ISE) 1.2(1.198) and 1.3(0.876) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in a (1) GET or (2) POST request, aka Bug ID CSCus16052.
Affected configurations
Node
ciscoidentity_services_engine_softwareMatch1.2\(1.198\)
ORciscoidentity_services_engine_softwareMatch1.3\(0.876\)
Related
prion
prion
Cross site scripting
2015-07-14 17:59:00
cisco
cisco
Cisco Identity Services Engine Cross-Site Scripting Vulnerability
2015-07-13 16:11:53
nvd
nvd
CVE-2015-4268
2015-07-14 17:59:04
cvelist
cvelist
CVE-2015-4268
2015-07-14 17:00:00
5.9 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
43.3%
Related for CVE-2015-4268