7 matches found
Input validation
A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow an authenticated, remote attacker to access sensitive information on an affected device. This vulnerability is due to improper enforcement of Administrator privilege levels for low-value sensitive dat...
CVE-2022-20680 Cisco Prime Service Catalog Information Disclosure Vulnerability
A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow an authenticated, remote attacker to access sensitive information on an affected device. This vulnerability is due to improper enforcement of Administrator privilege levels for low-value sensitive dat...
Cisco Identity Services Engine Sensitive Information Disclosure (cisco-sa-ise-info-disc-pNXtLhdp)
According to its self-reported version, Cisco Identity Services Engine Software is affected by a sensitive information disclosure vulnerability in the web-based management interface due improper enforcement of administrator privilege levels for low-value sensitive data. An authenticated, remote...
CVE-2021-34702
CVE-2021-34702 affects Cisco Identity Services Engine (ISE) via the web-based management interface. The issue is an improper enforcement of administrator privilege levels for low-value sensitive data, allowing an authenticated, read-only administrator to browse to pages containing sensitive data ...
Cisco Identity Services Engine Sensitive Information Disclosure (cisco-sa-ise-info-exp-8RsuEu8S)
According to its self-reported version, Cisco Identity Services Engine Software is affected by multiple information disclosure vulnerabilities in its admin portal component due to improper enforcement of administrator privilege levels for sensitive data. An authenticated, remote attacker can...
CVE-2021-1416
Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to obtain sensitive information. These vulnerabilities are due to improper enforcement of administrator privilege levels for sensitive data. An attacker with read-only...
CVE-2021-1416 Cisco Identity Services Engine Sensitive Information Disclosure Vulnerabilities
Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to obtain sensitive information. These vulnerabilities are due to improper enforcement of administrator privilege levels for sensitive data. An attacker with read-only...