Path traversal

2023-05-1803:15:00

PRIOn knowledge base

www.prio-n.com

cisco

identity services engine

path traversal

vulnerability

privilege escalation

operating system

credentials

5.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.7%

JSON

Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform path traversal attacks on the underlying operating system to either elevate privileges to root or read arbitrary files. To exploit these vulnerabilities, an attacker must have valid Administrator credentials on the affected device. For more information about these vulnerabilities, see the Details section of this advisory.

CPENameOperatorVersion
identity_services_engineeq3.1
identity_services_engineeq3.1 patch1
identity_services_engineeq3.1 patch3
identity_services_engineeq3.2
identity_services_engineeq3.1 patch4
identity_services_engineeq3.1 patch5
identity_services_engineeq3.2 patch1
identity_services_engineeq3.1 patch6
identity_services_enginelt3.1

Name	Operator	Version
identity_services_engine	eq	3.1
identity_services_engine	eq	3.1 patch1
identity_services_engine	eq	3.1 patch3
identity_services_engine	eq	3.2
identity_services_engine	eq	3.1 patch4
identity_services_engine	eq	3.1 patch5
identity_services_engine	eq	3.2 patch1
identity_services_engine	eq	3.1 patch6
identity_services_engine	lt	3.1