Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistCiscoCVELIST:CVE-2018-0275
HistoryApr 19, 2018 - 8:00 p.m.

CVE-2018-0275

2018-04-1920:00:00
CWE-16
cisco
www.cve.org
4

EPSS

0

Percentile

5.1%

JSON

A vulnerability in the support tunnel feature of Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to access the device’s shell. The vulnerability is due to improper configuration of the support tunnel feature. An attacker could exploit this vulnerability by tricking the device into unlocking the support user account and accessing the tunnel password and device serial number. A successful exploit could allow the attacker to run any system command with root access. This affects Cisco Identity Services Engine (ISE) software versions prior to 2.2.0.470. Cisco Bug IDs: CSCvf54409.

CNA Affected

[
  {
    "product": "Cisco Identity Services Engine",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Cisco Identity Services Engine"
      }
    ]
  }
]

Related

prion 1
cve 1
cisco 1
nvd 1
prion
prion
Input validation
2018-04-19 20:29:00
cve
cve
CVE-2018-0275
2018-04-19 20:29:01
cisco
cisco
Cisco Identity Services Engine Shell Access Vulnerability
2018-04-18 16:00:00
nvd
nvd
CVE-2018-0275
2018-04-19 20:29:01

EPSS

0

Percentile

5.1%

JSON
Related for CVELIST:CVE-2018-0275
prion1cve1cisco1nvd1