4

CVE-2014-0665

The RBAC implementation in Cisco Identity Services Engine (ISE) Software does not properly verify privileges for support-bundle downloads, which allows remote authenticated users to obtain sensitive information via a download action, as demonstrated by obtaining read access to the user database, aka Bug ID CSCul83904.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.44% 0.697
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4 8 2.9
AV:N/AC:L/Au:S/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://osvdb.org/102118
http://secunia.com/advisories/56439
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0665
Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=32448
Vendor Advisory
http://www.securityfocus.com/bid/64939
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1029624
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/90463