Vulnerability in its Identity Services Engine of Cisco

Vulnerability in its Identity Services Engine of Cisco Cisco is warning users of a critical vulnerability CVE-2011-3290 in its Identity Services Engine ISE. In its security advisory, the company says that the underlying database used by ISE, its identity and access control policy platform, contai...

CVE-2011-3290

Cisco Identity Services Engine (ISE) prior to 1.0.4.MR2 is affected by CVE-2011-3290 due to default Oracle database credentials. The underlying cause is hard-coded/default credentials in the ISE database, enabling a remote attacker to modify configuration and perform administrative actions withou...