{"schema_version":"public-product-v1.1","generated_at":"2026-06-10T07:39:58Z","exposure_verdict":"not_assessed","verdict_reason":"Public evidence does not evaluate exact release, platform, enabled features, configuration, compensating controls, or live exposure.","cve":{"id":"CVE-2013-6698","description":"The web interface on Cisco Wireless LAN Controller (WLC) devices does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted web site, related to a \"cross-frame scripting (XFS)\" issue, aka Bug ID CSCuf77821.","severity":"MEDIUM","kev":false,"epss":{"score":0.00217,"percentile":0.44131,"score_date":"2026-05-19","updated_at":"2026-05-20T02:10:43Z"},"cvss_score":4.3,"cvss_source":"NVD","cwe":"CWE-264","published_at":"2013-11-22T19:55:09Z","modified_at":"2026-04-29T01:13:23Z"},"freshness":{"last_source_refreshed_at":"2026-05-26T00:00:03Z","latest_source_refresh_at":"2026-05-26T00:00:03Z","oldest_source_refresh_at":"2026-05-22T00:16:33Z","all_sources_fresh":false,"sources":[{"source":"cisco_advisories","label":"Cisco advisories","last_success_at":"2026-05-26T00:00:03Z","stale":true},{"source":"cisco_csaf","label":"Cisco CSAF","last_success_at":"2026-05-25T03:03:26Z","stale":true},{"source":"nvd_cves","label":"NVD CVEs","last_success_at":"2026-05-22T00:16:33Z","stale":true},{"source":"cisa_kev","label":"CISA KEV","last_success_at":"2026-05-22T00:16:34Z","stale":true},{"source":"first_epss","label":"EPSS","last_success_at":"2026-05-22T00:16:40Z","stale":true}]},"summary":{"advisory_count":1,"visible_product_count":1,"public_evidence_count":1,"kev":false,"cvss_score":4.3},"advisories":[{"id":"Cisco-SA-20131122-CVE-2013-6698","slug":"cisco-sa-20131122-cve-2013-6698","title":"Cisco Wireless LAN Controller Cross-Frame Scripting Vulnerability","source_url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20131122-CVE-2013-6698"}],"public_evidence":[{"product":{"name":"Cisco Wireless LAN Controller (WLC)","slug":"cisco-wireless-lan-controller-wlc","vendor":"Cisco"},"advisory":{"id":"Cisco-SA-20131122-CVE-2013-6698","slug":"cisco-sa-20131122-cve-2013-6698","title":"Cisco Wireless LAN Controller Cross-Frame Scripting Vulnerability","source_url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20131122-CVE-2013-6698"},"evidence_type":"structured_affected","evidence_label":{"scope":"CSAF product evidence","label":"product_status known affected"},"evidence_source":"Cisco CSAF","source":"Cisco CSAF","source_document_fetched_at":"2026-05-19T20:04:25Z","csaf_status":"known_affected","csaf_product_status":"known_affected","csaf_product_status_path":"vulnerabilities[].product_status.known_affected","raw_product_name":"3.1.105.0; 3.1.111.0; 3.1.59.24; 3.2.116.21; 3.2.150.10; 3.2.150.6; 3.2.171.5; 3.2.171.6; 3.2.185.0; 3.2.193.5; 3.2.195.10; 3.2.78.0; 4.0.108; 4.0.155.0; 4.0.155.5; 4.0.179.11; 4.0.179.8; 4.0.196; 4.0.206.0; 4.0.217.0; 4.0.219.0; 4.1.171.0; 4.1.181.0; 4.1.185.0; 4.2.112.0; 4.2.117.0; 4.2.130.0; 4.2.173.0; 4.2.174.0; 4.2.176.0; 4.2.182.0; 4.2.61.0; 4.2.99.0; 5.0.148.0; 5.0.148.2; 5.1.151.0; 5.1.152.0; 5.1.160.0; 5.2.157.0; 5.2.169.0; 6.0.182.0; 6.0.188.0; 6.0.196.0; 6.0.199.4; 6.0.202.0; 7.0.116.0; 7.0.220.0; 7.0.98.0; 7.0.98.218; 7.1.91.0; 7.2.103.0; 7.3.101.0; 7.3.112.0; 7.4.100.0; 7.4.100.60; 7.4.110.0","exposure_verdict":"not_assessed","verdict_reason":"Public evidence does not evaluate exact release, platform, enabled features, configuration, compensating controls, or live exposure.","exposure_verdict_reason":"Public evidence does not evaluate exact release, platform, enabled features, configuration, compensating controls, or live exposure.","kev":false,"epss":{"score":0.00217,"score_date":"2026-05-19","updated_at":"2026-05-20T02:10:43Z"},"cvss_score":4.3,"cvss_source":"NVD","published_at":"2013-11-22T16:02:24Z","updated_at":"2013-11-22T16:02:24Z","advisory_updated_at":"2013-11-22T16:02:24Z","source_url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20131122-CVE-2013-6698","row_display_order":1}]}