CVE-2013-3471

high

Description

The captive portal application in Cisco Identity Services Engine (ISE) allows remote attackers to discover cleartext usernames and passwords by leveraging unspecified use of hidden form fields in an HTML document, aka Bug ID CSCug02515.

References

http://www.securitytracker.com/id/1028965

http://tools.cisco.com/security/center/viewAlert.x?alertId=30524

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3471

Details

Source: Mitre, NVD

Published: 2013-08-29

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

EPSS

EPSS: 0.00394