2 matches found
Cisco Identity Services Engine Privilege Escalation (cisco-sa-ise-priv-esc-KJLp2Aw)
According to its self-reported version, Cisco Identity Services Engine is affected by a privilege escalation vulnerability that allows an authenticated, Administrator-level attacker to read arbitrary files due to a flaw in the ERS API. This can be exploited by sending a crafted request. Please se...
CVE-2023-20194
Cisco ISE ERS API vulnerability (CVE-2023-20194) allows an authenticated Administrator to read arbitrary OS files due to improper privilege management in the ERS API. Exploitation requires valid admin privileges and a crafted ERS API request; impact is information disclosure and potential privile...