CVE-2014-3275
SQL injection vulnerability in the web framework in Cisco Identity Services Engine (ISE) 1.2(.1 patch 2) and earlier allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCul21337.
View on NVDSeverity
N/A
EPSS
Probability of exploitation (next 30 days): 0.0028 (0.3%)
Percentile: 51.2%
EPSS: 2026-05-06
Affects
cisco:identity_services_engine_softwareTechnical description
SQL injection vulnerability in the web framework in Cisco Identity Services Engine (ISE) 1.2(.1 patch 2) and earlier allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCul21337.
Published: 5/26/2014, 12:25:31 AM
Last modified: 5/6/2026, 10:30:45 PM
References
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3275
- http://tools.cisco.com/security/center/viewAlert.x?alertId=34328
- http://www.securityfocus.com/bid/67555
- http://www.securitytracker.com/id/1030273
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3275
- http://tools.cisco.com/security/center/viewAlert.x?alertId=34328
- http://www.securityfocus.com/bid/67555
- http://www.securitytracker.com/id/1030273