Vulnerability Description
Cross-site scripting (XSS) vulnerability in the Mobile Device Management (MDM) portal in Cisco Identity Services Engine (ISE) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCui30266.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Identity Services Engine Software | - |
Related Weaknesses (CWE)
References
- http://osvdb.org/97877
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5504Vendor Advisory
- http://tools.cisco.com/security/center/viewAlert.x?alertId=31007Vendor Advisory
- http://www.securityfocus.com/bid/62694Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1029110Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/87531
- http://osvdb.org/97877
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5504Vendor Advisory
- http://tools.cisco.com/security/center/viewAlert.x?alertId=31007Vendor Advisory
- http://www.securityfocus.com/bid/62694Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1029110Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/87531
FAQ
What is CVE-2013-5504?
CVE-2013-5504 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in the Mobile Device Management (MDM) portal in Cisco Identity Services Engine (ISE) allows remote attackers to inject arbitrary web script or HTML via an unsp...
How severe is CVE-2013-5504?
CVE-2013-5504 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-5504?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Identity Services Engine Software.