Lucene search
CiscoCISCO-SA-ISE-7Q4TNYUXHistoryNov 16, 2022 - 4:00 p.m.
Cisco Identity Services Engine Vulnerabilities
2022-11-1616:00:00
tools.cisco.com
21
cisco
identity services engine
vulnerabilities
remote attacker
operating system commands
security protections
cross-site scripting
software updates
advisory link
0.001 Low
EPSS
Percentile
40.9%
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to inject arbitrary operating system commands, bypass security protections, and conduct cross-site scripting attacks.
For more information about these vulnerabilities, see the Details [“#details”] section of this advisory.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-7Q4TNYUx [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-7Q4TNYUx”]
Affected configurations
Node
ciscoidentity_services_engine_softwareMatchany
ORciscoidentity_services_engine_softwareMatchany
| CPE | Name | Operator | Version |
|---|---|---|---|
| cisco identity services engine software | eq | any | |
| cisco identity services engine software | eq | any |
Related
nessus
nessus
Cisco Identity Services Engine Vulnerabilities (cisco-sa-ise-7Q4TNYUx)
2022-12-30 00:00:00
cve
cve
prion
prion
Cross site scripting
2023-01-20 07:15:00
Input validation
2023-01-20 07:15:00
Cross site scripting
2023-01-20 07:15:00
cvelist
cvelist
nvd
nvd