CVE-2015-6266

CVE Database · CVE-2015-6266

CVE-2015-6266

· N/AModified

CVSS v3.1

N/A

EPSS

1.59%

Published

Aug 28, 2015

Modified

May 6, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The guest portal in Cisco Identity Services Engine (ISE) 3300 1.2(0.899) does not restrict access to uploaded HTML documents, which allows remote attackers to obtain sensitive information from customized documents via a direct request, aka Bug ID CSCuo78045.

Weaknesses (CWE)

CWE-287

Affected Products (1)

cisco · identity_services_engine_softwarevulnerable

References (4)

http://tools.cisco.com/security/center/viewAlert.x?alertId=40691

Vendor Advisory

http://www.securitytracker.com/id/1033405

http://tools.cisco.com/security/center/viewAlert.x?alertId=40691

Vendor Advisory

http://www.securitytracker.com/id/1033405

KEV Catalog EPSS Scores Vendors All CVEs