Lucene search

CVE-2022-20967

🗓️ 20 Jan 2023 07:11:15Reported by ciscoType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 479 Views

A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to conduct cross-site scripting attacks against other users of the application web-based management interface. This vulnerability is due to improper validation of input to an application feature before storage within the web-based management interface

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 5
NVD	CVE-2022-20967	20 Jan 202307:15	–	nvd
Prion	Cross site scripting	20 Jan 202307:15	–	prion
Cvelist	CVE-2022-20967	18 Jan 202317:48	–	cvelist
Tenable Nessus	Cisco Identity Services Engine Vulnerabilities (cisco-sa-ise-7Q4TNYUx)	30 Dec 202200:00	–	nessus
Cisco	Cisco Identity Services Engine Vulnerabilities	16 Nov 202216:00	–	cisco

Nvd

Vulners

Node

cisco identity_services_engineRange<2.6.0

cisco identity_services_engineMatch2.6.0-

cisco identity_services_engineMatch2.6.0patch1

cisco identity_services_engineMatch2.6.0patch10

cisco identity_services_engineMatch2.6.0patch11

cisco identity_services_engineMatch2.6.0patch12

cisco identity_services_engineMatch2.6.0patch2

cisco identity_services_engineMatch2.6.0patch3

cisco identity_services_engineMatch2.6.0patch5

cisco identity_services_engineMatch2.6.0patch6

cisco identity_services_engineMatch2.6.0patch7

cisco identity_services_engineMatch2.6.0patch8

cisco identity_services_engineMatch2.6.0patch9

cisco identity_services_engineMatch2.7.0-

cisco identity_services_engineMatch2.7.0patch1

cisco identity_services_engineMatch2.7.0patch2

cisco identity_services_engineMatch2.7.0patch3

cisco identity_services_engineMatch2.7.0patch4

cisco identity_services_engineMatch2.7.0patch5

cisco identity_services_engineMatch2.7.0patch6

cisco identity_services_engineMatch2.7.0patch7

cisco identity_services_engineMatch3.0.0-

cisco identity_services_engineMatch3.0.0patch1

cisco identity_services_engineMatch3.0.0patch2

cisco identity_services_engineMatch3.0.0patch3

cisco identity_services_engineMatch3.0.0patch4

cisco identity_services_engineMatch3.0.0patch5

cisco identity_services_engineMatch3.0.0patch6

cisco identity_services_engineMatch3.1-

cisco identity_services_engineMatch3.1patch1

cisco identity_services_engineMatch3.1patch3

cisco identity_services_engineMatch3.1patch4

cisco identity_services_engineMatch3.2-

[
  {
    "vendor": "Cisco",
    "product": "Cisco Identity Services Engine Software",
    "versions": [
      {
        "version": "2.6.0",
        "status": "affected"
      },
      {
        "version": "2.6.0 p1",
        "status": "affected"
      },
      {
        "version": "2.6.0 p2",
        "status": "affected"
      },
      {
        "version": "2.6.0 p3",
        "status": "affected"
      },
      {
        "version": "2.6.0 p5",
        "status": "affected"
      },
      {
        "version": "2.6.0 p6",
        "status": "affected"
      },
      {
        "version": "2.6.0 p7",
        "status": "affected"
      },
      {
        "version": "2.6.0 p8",
        "status": "affected"
      },
      {
        "version": "2.6.0 p9",
        "status": "affected"
      },
      {
        "version": "2.6.0 p10",
        "status": "affected"
      },
      {
        "version": "2.6.0 p11",
        "status": "affected"
      },
      {
        "version": "2.6.0 p12",
        "status": "affected"
      },
      {
        "version": "2.7.0",
        "status": "affected"
      },
      {
        "version": "2.7.0 p1",
        "status": "affected"
      },
      {
        "version": "2.7.0 p2",
        "status": "affected"
      },
      {
        "version": "2.7.0 p3",
        "status": "affected"
      },
      {
        "version": "2.7.0 p4",
        "status": "affected"
      },
      {
        "version": "2.7.0 p5",
        "status": "affected"
      },
      {
        "version": "2.7.0 p6",
        "status": "affected"
      },
      {
        "version": "2.7.0 p7",
        "status": "affected"
      },
      {
        "version": "3.0.0",
        "status": "affected"
      },
      {
        "version": "3.0.0 p1",
        "status": "affected"
      },
      {
        "version": "3.0.0 p2",
        "status": "affected"
      },
      {
        "version": "3.0.0 p3",
        "status": "affected"
      },
      {
        "version": "3.0.0 p4",
        "status": "affected"
      },
      {
        "version": "3.0.0 p5",
        "status": "affected"
      },
      {
        "version": "3.0.0 p6",
        "status": "affected"
      },
      {
        "version": "3.1.0",
        "status": "affected"
      },
      {
        "version": "3.1.0 p1",
        "status": "affected"
      },
      {
        "version": "3.1.0 p3",
        "status": "affected"
      },
      {
        "version": "3.1.0 p4",
        "status": "affected"
      },
      {
        "version": "3.1.0 p5",
        "status": "affected"
      },
      {
        "version": "3.2.0",
        "status": "affected"
      }
    ]
  }
]

Source	Link
sec	www.sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-7Q4TNYUx

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

20 Jan 2023 07:15Current

5.3Medium risk

Vulners AI Score5.3

CVSS34.8 - 5.4

EPSS0.0007

CWE-79