Vulnerability Description
Cross-site scripting (XSS) vulnerability in an administration page in Cisco Identity Services Engine (ISE) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCui30275.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Identity Services Engine Software | - |
Related Weaknesses (CWE)
References
- http://osvdb.org/97875
- http://secunia.com/advisories/54626Vendor Advisory
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5505Vendor Advisory
- http://tools.cisco.com/security/center/viewAlert.x?alertId=31008Vendor Advisory
- http://www.securityfocus.com/bid/62693
- http://www.securitytracker.com/id/1029111
- https://exchange.xforce.ibmcloud.com/vulnerabilities/87530
- http://osvdb.org/97875
- http://secunia.com/advisories/54626Vendor Advisory
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5505Vendor Advisory
- http://tools.cisco.com/security/center/viewAlert.x?alertId=31008Vendor Advisory
- http://www.securityfocus.com/bid/62693
- http://www.securitytracker.com/id/1029111
- https://exchange.xforce.ibmcloud.com/vulnerabilities/87530
FAQ
What is CVE-2013-5505?
CVE-2013-5505 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in an administration page in Cisco Identity Services Engine (ISE) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, ...
How severe is CVE-2013-5505?
CVE-2013-5505 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-5505?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Identity Services Engine Software.