2 matches found
CVE-2022-20822
Cisco Identity Services Engine (ISE) is affected via its web-based management interface. The root cause is insufficient validation of user-supplied input, enabling authenticated, remote attackers to read and delete files by sending crafted HTTP requests with path-sequence characters. Reported imp...
Cisco warns of ISE vulnerability with no fixed release or workaround
Cisco has published a security advisory for a vulnerability in the web-based management interface of Cisco Identity Services Engine ISE that could allow an authenticated, remote attacker to read and delete files on an affected device. The bug, with a CVSS score of 7.1 has no patch and no...