Vulnerabilities > CVE-2013-3471 - Credentials Management vulnerability in Cisco Identity Services Engine Software

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

cisco

CWE-255

NVD

Published: 2013-08-29

Updated: 2024-11-21

Summary

The captive portal application in Cisco Identity Services Engine (ISE) allows remote attackers to discover cleartext usernames and passwords by leveraging unspecified use of hidden form fields in an HTML document, aka Bug ID CSCug02515.

Vulnerable Configurations

Part	Description	Count
Application	Cisco Cisco Identity Services Engine Software -	1

Common Weakness Enumeration (CWE)

CWE-255 - Credentials Management

References

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3471
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3471
http://tools.cisco.com/security/center/viewAlert.x?alertId=30524
http://tools.cisco.com/security/center/viewAlert.x?alertId=30524
http://www.securitytracker.com/id/1028965
http://www.securitytracker.com/id/1028965