Lucene search
China National Vulnerability DatabaseCNVD-2022-55666HistoryJun 17, 2022 - 12:00 a.m.
Cisco Identity Services Engine授权问题漏洞
2022-06-1700:00:00
China National Vulnerability Database
www.cnvd.org.cn
17
0.004 Low
EPSS
Percentile
73.7%
Cisco Identity Services Engine (ISE) is an environment-aware platform (ISE Identity Services Engine) from Cisco. The platform oversees networks by collecting real-time information from networks, users, and devices to develop and implement appropriate policies.The Cisco Identity Services Engine is vulnerable to an authorization issue that stems from publicly available Sensitive Security Assertion Markup Language (SAML) metadata. An unauthenticated, remote attacker could exploit the vulnerability to log in without credentials and gain unrestricted access to all roles.
| CPE | Name | Operator | Version |
|---|---|---|---|
| cisco identity services engine | eq | 3.1 |
Related
cvelist
cvelist
cisco
cisco
Cisco Identity Services Engine Authentication Bypass Vulnerability
2022-06-15 16:00:00
cve
cve
CVE-2022-20733
2022-06-15 18:15:08
nessus
nessus
prion
prion
Authentication flaw
2022-06-15 18:15:00
nvd
nvd
CVE-2022-20733
2022-06-15 18:15:08