Improper input validation in Cisco Identity_services_engine
CVE-2013-5539
The upload-dialog implementation in Cisco Identity Services Engine (ISE) allows remote authenticated users to upload files with an arbitrary file type, and consequently conduct attacks against unspecified other systems, via a crafted file…
Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)
EPSS: 0.004 (58.9th percentile) — read the EPSS interpretation.
Affected products
- Cisco Identity_services_engine
- Cisco Identity_services_engine_software
- N/a — versions n/a
Weakness classification (CWE)
References
- 20131015 Cisco Identity Services Engine Untrusted File Upload Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)