CVE-2013-5504

Sažetak

Cross-site scripting (XSS) vulnerability in the Mobile Device Management (MDM) portal in Cisco Identity Services Engine (ISE) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCui30266.

Reference

http://osvdb.org/97877
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5504
http://tools.cisco.com/security/center/viewAlert.x?alertId=31007
http://www.securityfocus.com/bid/62694
http://www.securitytracker.com/id/1029110
https://exchange.xforce.ibmcloud.com/vulnerabilities/87531

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

29-08-2017 - 01:33

Objavljeno

30-09-2013 - 17:09