CVE-2024-20476

🗓️ 06 Nov 2024 16:28:57Reported by ciscoType

A vulnerability in the web-based management interface of Cisco ISE allows remote file upload bypass

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2024-20476	6 Nov 202416:30	–	circl
Cisco	Cisco Identity Services Engine Vulnerabilities	6 Nov 202416:00	–	cisco
Tenable Nessus	Cisco Identity Services Engine Vulnerabilities (cisco-sa-ise-multi-vulns-AF544ED5)	8 Nov 202400:00	–	nessus
CNNVD	Cisco Identity Services Engine 安全漏洞	6 Nov 202400:00	–	cnnvd
Cvelist	CVE-2024-20476 Cisco Identity Services Engine Authorization Bypass Vulnerability	6 Nov 202416:28	–	cvelist
EUVD	EUVD-2024-18191	3 Oct 202520:07	–	euvd
NVD	CVE-2024-20476	6 Nov 202417:15	–	nvd
OSV	CVE-2024-20476	6 Nov 202417:15	–	osv
Positive Technologies	PT-2024-7958 · Cisco · Cisco Ise	6 Nov 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-20476	23 May 202506:23	–	redhatcve

NVD

Vulners

Node

cisco identity_services_engineRange<3.1

cisco identity_services_engineMatch3.1.0-

cisco identity_services_engineMatch3.1.0patch1

cisco identity_services_engineMatch3.1.0patch2

cisco identity_services_engineMatch3.1.0patch3

cisco identity_services_engineMatch3.1.0patch4

cisco identity_services_engineMatch3.1.0patch5

cisco identity_services_engineMatch3.1.0patch6

cisco identity_services_engineMatch3.1.0patch7

cisco identity_services_engineMatch3.1.0patch8

cisco identity_services_engineMatch3.1.0patch9

cisco identity_services_engineMatch3.2.0-

cisco identity_services_engineMatch3.2.0patch1

cisco identity_services_engineMatch3.2.0patch2

cisco identity_services_engineMatch3.2.0patch3

cisco identity_services_engineMatch3.2.0patch4

cisco identity_services_engineMatch3.2.0patch5

cisco identity_services_engineMatch3.2.0patch6

cisco identity_services_engineMatch3.3.0-

cisco identity_services_engineMatch3.3.0patch1

cisco identity_services_engineMatch3.3.0patch2

cisco identity_services_engineMatch3.3.0patch3

[
  {
    "vendor": "Cisco",
    "product": "Cisco Identity Services Engine Software",
    "versions": [
      {
        "version": "3.0.0",
        "status": "affected"
      },
      {
        "version": "3.0.0 p1",
        "status": "affected"
      },
      {
        "version": "3.0.0 p2",
        "status": "affected"
      },
      {
        "version": "3.0.0 p3",
        "status": "affected"
      },
      {
        "version": "3.1.0",
        "status": "affected"
      },
      {
        "version": "3.0.0 p4",
        "status": "affected"
      },
      {
        "version": "3.1.0 p1",
        "status": "affected"
      },
      {
        "version": "3.0.0 p5",
        "status": "affected"
      },
      {
        "version": "3.1.0 p3",
        "status": "affected"
      },
      {
        "version": "3.1.0 p2",
        "status": "affected"
      },
      {
        "version": "3.0.0 p6",
        "status": "affected"
      },
      {
        "version": "3.2.0",
        "status": "affected"
      },
      {
        "version": "3.1.0 p4",
        "status": "affected"
      },
      {
        "version": "2.7.0 p8",
        "status": "affected"
      },
      {
        "version": "3.1.0 p5",
        "status": "affected"
      },
      {
        "version": "3.2.0 p1",
        "status": "affected"
      },
      {
        "version": "3.0.0 p7",
        "status": "affected"
      },
      {
        "version": "3.1.0 p6",
        "status": "affected"
      },
      {
        "version": "3.2.0 p2",
        "status": "affected"
      },
      {
        "version": "3.1.0 p7",
        "status": "affected"
      },
      {
        "version": "3.3.0",
        "status": "affected"
      },
      {
        "version": "3.2.0 p3",
        "status": "affected"
      },
      {
        "version": "3.0.0 p8",
        "status": "affected"
      },
      {
        "version": "3.2.0 p4",
        "status": "affected"
      },
      {
        "version": "3.1.0 p8",
        "status": "affected"
      },
      {
        "version": "3.2.0 p5",
        "status": "affected"
      },
      {
        "version": "3.2.0 p6",
        "status": "affected"
      },
      {
        "version": "3.1.0 p9",
        "status": "affected"
      },
      {
        "version": "3.3 Patch 2",
        "status": "affected"
      },
      {
        "version": "3.3 Patch 1",
        "status": "affected"
      },
      {
        "version": "3.3 Patch 3",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Source	Link
sec	www.sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-vulns-AF544ED5

04 Apr 2025 17:19Current

4.6Medium risk

Vulners AI Score4.6

CVSS 3.14.3 - 4.9

EPSS0.00033

SSVC

CWE-602