CVE-2013-5530
Last modified
CVE-2013-5530 is a vulnerability of currently unknown severity. The web framework in Cisco Identity Services Engine (ISE) 1.0 and 1.1.0 before 1.1.0.665-5, 1.1.1 before 1.1.1.268-7, 1.1.2 before 1.1.2.145-10, 1.1.3 before 1.1.3.124-7, 1.1.4 before 1.1.4.218-7, and 1.2 before 1.2.0.899-2 allows remote authenticated users to execute arbitrary commands via a crafted session on TCP port 443, aka Bug ID CSCuh81511.. EPSS estimates a 2.29% chance of exploitation in the next 30 days.
Description
The web framework in Cisco Identity Services Engine (ISE) 1.0 and 1.1.0 before 1.1.0.665-5, 1.1.1 before 1.1.1.268-7, 1.1.2 before 1.1.2.145-10, 1.1.3 before 1.1.3.124-7, 1.1.4 before 1.1.4.218-7, and 1.2 before 1.2.0.899-2 allows remote authenticated users to execute arbitrary commands via a crafted session on TCP port 443, aka Bug ID CSCuh81511.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Identity Services Engine Software | 1.0 |
| Cisco | Identity Services Engine Software | 1.1 |
| Cisco | Identity Services Engine Software | 1.1.1 |
| Cisco | Identity Services Engine Software | 1.1.2 |
| Cisco | Identity Services Engine Software | 1.1.3 |
| Cisco | Identity Services Engine Software | 1.1.4 |
| Cisco | Identity Services Engine Software | 1.2 |
References
- http://www.kb.cert.org/vuls/id/952422Third Party Advisory, US Government Resource
- http://www.kb.cert.org/vuls/id/952422Third Party Advisory, US Government Resource
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2013-5530?
How severe is CVE-2013-5530?
How do I fix CVE-2013-5530?
Are you affected by CVE-2013-5530?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST