Vulnerabilities > CVE-2013-3471 - Credentials Management vulnerability in Cisco Identity Services Engine Software
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
The captive portal application in Cisco Identity Services Engine (ISE) allows remote attackers to discover cleartext usernames and passwords by leveraging unspecified use of hidden form fields in an HTML document, aka Bug ID CSCug02515.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |