2 matches found
CVE-2023-20173 Cisco Identity Services Engine XML External Entity Injection Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to read arbitrary files or conduct a server-side request forgery SSRF attack through an affected device. To exploit these vulnerabilities, an attacker...
CVE-2023-20173
Cisco Identity Services Engine (ISE) is affected by CVE-2023-20173, an XML External Entity Injection vulnerability in the web-based management interface that can allow an authenticated, remote attacker with valid Administrator credentials to read arbitrary files or perform SSRF. The exploitation ...