Design/Logic Flaw

2023-05-1803:15:00

PRIOn knowledge base

www.prio-n.com

cisco identity services engine

vulnerabilities

authenticated attacker

file deletion

os read

valid credentials

4.4 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.5%

JSON

Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to delete or read arbitrary files on the underlying operating system. To exploit these vulnerabilities, an attacker must have valid credentials on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

CPENameOperatorVersion
identity_services_engineeq3.1
identity_services_engineeq3.1 patch1
identity_services_engineeq3.1 patch3
identity_services_engineeq3.2
identity_services_engineeq3.1 patch4
identity_services_engineeq3.1 patch5
identity_services_engineeq3.2 patch1

Name	Operator	Version
identity_services_engine	eq	3.1
identity_services_engine	eq	3.1 patch1
identity_services_engine	eq	3.1 patch3
identity_services_engine	eq	3.2
identity_services_engine	eq	3.1 patch4
identity_services_engine	eq	3.1 patch5
identity_services_engine	eq	3.2 patch1