CVE-2013-3471

The captive portal application in Cisco Identity Services Engine (ISE) allows remote attackers to discover cleartext usernames and passwords by leveraging unspecified use of hidden form fields in an HTML document, aka Bug ID CSCug02515.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 59%
VendorProductVersion
ciscoidentity_services_engine_software
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3471
http://tools.cisco.com/security/center/viewAlert.x?alertId=30524
http://www.securitytracker.com/id/1028965
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3471
http://tools.cisco.com/security/center/viewAlert.x?alertId=30524
http://www.securitytracker.com/id/1028965