4 matches found
CVE-2022-20959
A vulnerability in the External RESTful Services ERS API of Cisco Identity Services Engine ISE Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface of an affected device. This vulnerability is due to insufficient input...
CVE-2022-20959
CVE-2022-20959 affects Cisco Identity Services Engine (ISE) via the External RESTful Services (ERS) API. The issue arises from insufficient input validation, allowing an authenticated, remote attacker to trick an administrator into clicking a malicious link, leading to cross-site scripting (XSS) ...
Cisco warns of ISE vulnerability with no fixed release or workaround
Cisco has published a security advisory for a vulnerability in the web-based management interface of Cisco Identity Services Engine ISE that could allow an authenticated, remote attacker to read and delete files on an affected device. The bug, with a CVSS score of 7.1 has no patch and no...
CVE-2022-20959
A vulnerability in the External RESTful Services ERS API of Cisco Identity Services Engine ISE Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface of an affected device. This vulnerability is due to insufficient input...