CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-8015

The Sponsor Portal in Cisco Identity Services Engine (ISE) allows remote authenticated users to obtain access to an arbitrary sponsor's guest account via a modified HTTP request, aka Bug ID CSCur64400.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 39.2%

CVSS Severity

CVSS v2 Score 4.0

References

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-8015
http://www.securitytracker.com/id/1031423
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-8015
http://www.securitytracker.com/id/1031423

Products affected by CVE-2014-8015

Cisco » Identity Services Engine Software » Version: N/A

cpe:2.3:a:cisco:identity_services_engine_software:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-8015

Products

Pricing

Contact Us