Описание
A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to conduct an XSS attack against a user of the web-based management interface of an affected device.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:cisco:identity_services_engine:3.0.0:-:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch1:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch2:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch3:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch4:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch5:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch6:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch7:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.1:-:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.1:patch1:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.1:patch2:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.1:patch3:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.1:patch4:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.1:patch5:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.2:-:*:*:*:*:*:*
EPSS
Процентиль: 14%
0.00047
Низкий
4.8 Medium
CVSS3
Дефекты
CWE-87
CWE-79
Связанные уязвимости
CVSS3: 4.8
github
около 2 лет назад
A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to conduct an XSS attack against a user of the web-based management interface of an affected device.
CVSS3: 4.8
fstec
около 2 лет назад
Уязвимость веб-интерфейса управления платформы управления политиками соединений Cisco Identity Services Engine (ISE), позволяющая нарушителю провести атаку межсайтового скриптинга
EPSS
Процентиль: 14%
0.00047
Низкий
4.8 Medium
CVSS3
Дефекты
CWE-87
CWE-79