Lucene search
China National Vulnerability DatabaseCNVD-2023-79690HistorySep 12, 2023 - 12:00 a.m.
Cisco Identity Services Engine Authorization Issues Vulnerability (CNVD-2023-79690)
2023-09-1200:00:00
China National Vulnerability Database
www.cnvd.org.cn
3
cisco
identity services engine
authorization
vulnerability
privilege management
network
operating system
escalation
cnvd-2023-79690
Cisco Identity Services Engine (ISE) is an environment-aware platform (ISE Identity Services Engine) from Cisco. The platform collects real-time information from the network, users and devices, and develops and enforces policies to regulate the network. Cisco Identity Services Engine suffers from an authorization issue vulnerability that stems from improper privilege management, which can be exploited by an authenticated, local attacker to read, write, or delete arbitrary files on the underlying operating system and escalate their privileges to root.
| CPE | Name | Operator | Version |
|---|---|---|---|
| cisco identity services engine | le | 2.7 | |
| cisco identity services engine >=3.0, | le | 3.3 |
Related
cvelist
cvelist
CVE-2023-20193
2023-09-07 19:29:42
cve
cve
CVE-2023-20193
2023-09-07 20:15:07
nvd
nvd
CVE-2023-20193
2023-09-07 20:15:07
nessus
nessus
prion
prion
Input validation
2023-09-07 20:15:00
cisco
cisco
Cisco Identity Services Engine Privilege Escalation Vulnerabilities
2023-09-06 16:00:00