Unrated severityNVD Advisory· Published Jan 29, 2014· Updated Apr 29, 2026

CVE-2014-0680

Description

Cross-site scripting (XSS) vulnerability in the HTTP control interface in the NAC Web Agent component in Cisco Identity Services Engine (ISE) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCui15038.

Affected products

Cisco Systems, Inc./Identity Services Engine
cpe:2.3:h:cisco:identity_services_engine:-:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0680nvdVendor Advisory
osvdb.org/102588nvd
secunia.com/advisories/56672nvd
tools.cisco.com/security/center/viewAlert.xnvd
www.securityfocus.com/bid/65227nvd
www.securitytracker.com/id/1029701nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000