CVE-2014-3275
Cisco Identity Services Engine (ISE) is affected by CVE-2014-3275, a SQL injection in the web framework that allows an authenticated, remote attacker to execute arbitrary SQL via a crafted URL. The root cause is a failure to validate user-supplied input in SQL queries, potentially impacting integ...