CVE-2013-5538 Information

Description

The Sponsor Portal in Cisco Identity Services Engine (ISE) uses weak permissions for uploaded files which allows remote attackers to read arbitrary files via a direct request aka Bug ID CSCui67506.

Reference

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5538