CVE-2014-3275
published 2014-05-26CVE-2014-3275: SQL injection vulnerability in the web framework in Cisco Identity Services Engine (ISE) 1.2(.1 patch 2) and earlier allows remote authenticated users to…
medium6.5CVSS 3.1
AVNACLAuSCPIPAP
SQL injection vulnerability in the web framework in Cisco Identity Services Engine (ISE) 1.2(.1 patch 2) and earlier allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCul21337.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | identity_services_engine_software | <= 1.2 | — |
| cisco | identity_services_engine_software | — | — |
| cisco | identity_services_engine_software | — | — |