Описание
SQL injection vulnerability in the web framework in Cisco Identity Services Engine (ISE) 1.2 and earlier allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCug90502.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Vendor Advisory
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до 1.2 (включая)
Одно из
cpe:2.3:a:cisco:identity_services_engine_software:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_software:1.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_software:1.1:*:*:*:*:*:*:*
EPSS
Процентиль: 73%
0.0076
Низкий
6.5 Medium
CVSS2
Дефекты
CWE-89
Связанные уязвимости
github
больше 3 лет назад
SQL injection vulnerability in the web framework in Cisco Identity Services Engine (ISE) 1.2 and earlier allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCug90502.
EPSS
Процентиль: 73%
0.0076
Низкий
6.5 Medium
CVSS2
Дефекты
CWE-89