Command injection

2021-10-0620:15:00

PRIOn knowledge base

www.prio-n.com

8.3 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.3%

JSON

A vulnerability in the REST API of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to perform a command injection attack and elevate privileges to root. This vulnerability is due to insufficient input validation for specific API endpoints. An attacker in a man-in-the-middle position could exploit this vulnerability by intercepting and modifying specific internode communications from one ISE persona to another ISE persona. A successful exploit could allow the attacker to run arbitrary commands with root privileges on the underlying operating system. To exploit this vulnerability, the attacker would need to decrypt HTTPS traffic between two ISE personas that are located on separate nodes.

CPENameOperatorVersion
identity_services_engineeq2.40.902
identity_services_engineeq2.60.156
identity_services_engineeq2.6.0 patch1
identity_services_engineeq2.6.0 patch2
identity_services_engineeq2.6.0 patch3
identity_services_engineeq2.6.0 patch6
identity_services_engineeq2.6.0 patch5
identity_services_engineeq2.6.0
identity_services_engineeq2.6.0 patch7
identity_services_engineeq2.7.0 patch2

Name	Operator	Version
identity_services_engine	eq	2.40.902
identity_services_engine	eq	2.60.156
identity_services_engine	eq	2.6.0 patch1
identity_services_engine	eq	2.6.0 patch2
identity_services_engine	eq	2.6.0 patch3
identity_services_engine	eq	2.6.0 patch6
identity_services_engine	eq	2.6.0 patch5
identity_services_engine	eq	2.6.0
identity_services_engine	eq	2.6.0 patch7
identity_services_engine	eq	2.7.0 patch2