exploitDog

CVE-2013-5539

Опубликовано: 16 окт. 2013

Источник: nvd

CVSS2: 6

EPSS Низкий

Описание

The upload-dialog implementation in Cisco Identity Services Engine (ISE) allows remote authenticated users to upload files with an arbitrary file type, and consequently conduct attacks against unspecified other systems, via a crafted file, aka Bug ID CSCui67511.

Ссылки

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5539
Vendor Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5539
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:cisco:identity_services_engine_software:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:identity_services_engine:-:*:*:*:*:*:*:*

EPSS

Процентиль: 58%

0.00366

Низкий

6 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-xp2h-72mj-pf4g

github

больше 3 лет назад

The upload-dialog implementation in Cisco Identity Services Engine (ISE) allows remote authenticated users to upload files with an arbitrary file type, and consequently conduct attacks against unspecified other systems, via a crafted file, aka Bug ID CSCui67511.

EPSS

Процентиль: 58%

0.00366

Низкий

6 Medium

CVSS2

Дефекты

CWE-20