CVE-2013-5538
CVE-2013-5538 affects Cisco Identity Services Engine (ISE) Sponsor Portal. The root cause is weak permissions on uploaded Sponsor Portal files, enabling an unauthenticated remote attacker to read arbitrary files via a direct URL. The Cisco advisory notes that updates are not available to fix this...