CVE-2013-5539
Cisco Identity Services Engine - Authenticated Arbitrary File Upload via Upload Dialog
Title source: llmDescription
The upload-dialog implementation in Cisco Identity Services Engine (ISE) allows remote authenticated users to upload files with an arbitrary file type, and consequently conduct attacks against unspecified other systems, via a crafted file, aka Bug ID CSCui67511.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5539
Scores
EPSS
0.0096
EPSS Percentile
57.2%
Details
CWE
CWE-20
Status
published
Products (2)
cisco/identity_services_engine
cisco/identity_services_engine_software
Published
Oct 16, 2013
Tracked Since
Feb 18, 2026