Cisco Identity Services Engine Access Control Flaw in Guest Portal Lets Remote Users Access the Target System : 8/28/2015 5:38:05 AM
 | Communicate with co-workers in real time. Used by Netflix, Dropbox & Salesforce. $0/unlimited users. Get started >> From our sponsors  |
| Vulnerability Databse |
| This module replaces the description field of a feed to the page it links to (in addition, it wipes out the content:encoded field), so you can get its full text. |
Cisco Identity Services Engine Access Control Flaw in Guest Portal Lets Remote Users Access the Target System
8/28/2015 12:00:00 AM
| Cisco Identity Services Engine Access Control Flaw in Guest Portal Lets Remote Users Access the Target System |
| SecurityTracker Alert ID: 1033405 |
| SecurityTracker URL: http://securitytracker.com/id/1033405 |
| CVE Reference: CVE-2015-6266 (Links to External Site) |
| Date: Aug 28 2015 |
| Impact: User access via network |
| Vendor Confirmed: Yes |
| Version(s): 3300 Series, 1.2(0.899) |
| Description: A vulnerability was reported in Cisco Identity Services Engine. A remote user can gain access to the target system. A remote user can submit a specially crafted HTTP request to gain access to arbitrary customized HTML pages on the target guest portal system. The vendor has assigned bug ID CSCuo78045 to this vulnerability. |
| Impact: A remote user can gain access to the target system. |
| Solution: No solution was available at the time of this entry. The vendor's advisory is available at: http://tools.cisco.com/security/center/viewAlert.x?alertId=40691 |
| Vendor URL: tools.cisco.com/security/center/viewAlert.x?alertId=40691 (Links to External Site) |
| Cause: Access control error |
| Underlying OS: |
| |
| Message History: None. |
You are receiving this email because you subscribed to this feed at feedmyinbox.com
If you no longer wish to receive these emails, you can unsubscribe from this feed, or manage all your subscriptions
