2 matches found
CVE-2023-20166
Cisco Identity Services Engine (ISE) contains path traversal vulnerabilities (CVE-2023-20166) that could allow an authenticated administrator to escape restricted contexts, elevate privileges to root, or read arbitrary files on the underlying OS. The root cause is path traversal handling within I...
CVE-2023-20166 Cisco Identity Services Engine Path Traversal Vulnerabilities
Multiple vulnerabilities in Cisco Identity Services Engine ISE could allow an authenticated attacker to perform path traversal attacks on the underlying operating system to either elevate privileges to root or read arbitrary files. To exploit these vulnerabilities, an attacker must have valid...