Cisco Identity Services Engine XXE Injection (cisco-sa-ise-xxe-inj-GecEHY58)

Version 1.3

Apr 12, 2023, 4:09 PM

CVSS metrics ("CVSSv2 score" changed from 5.5 to 7.3. "CVSSv2 score" changed from 5.5 to 7.3. "CVSSv3 score" changed from 5.5 to 6.0. "CVSSv3 vector" changed from "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L" to "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L". "CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:P" to "CVSS2#AV:N/AC:L/Au:M/C:C/I:P/A:P". "CVSSv3 score" changed from 5.5 to 6.0. "CVSSv3 vector" changed from "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L" to "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L". "CVSSv2 vector" changed from "CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:P" to "CVSS2#AV:N/AC:L/Au:M/C:C/I:P/A:P". "CVSSv3 score" changed from 5.5 to 6.0)
CVSSv2 severity (based on CVE-2023-20030, severity increased from "Medium" to "High")
CVSSv3 score source (set to "CVE-2023-20030")