Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/06/27 4:21 p.m.7 views

CVE-2025-20264

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to bypass the authorization mechanisms for specific administrative functions. This vulnerability is due to insufficient authorization enforcement mechanisms fo...

6.4CVSS7.3AI score0.00277EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/25 4:11 p.m.3 views

CVE-2025-20264 Cisco Identity Services Engine Authorization Bypass Vulnerability

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to bypass the authorization mechanisms for specific administrative functions. This vulnerability is due to insufficient authorization enforcement mechanisms fo...

6.4CVSS7.2AI score0.00277EPSS
Exploits0References1
CVE
CVE
added 2025/06/25 4:11 p.m.31 views

CVE-2025-20264

Cisco ISE (Identity Services Engine) is affected by CVE-2025-20264, a vulnerability in the web-based management interface that allows an authenticated remote attacker to bypass authorization for specific administrative functions. The root cause is insufficient authorization enforcement for users ...

6.4CVSS7.2AI score0.00277EPSS
Exploits0References1Affected Software1
Cisco
Cisco
added 2025/06/25 4:0 p.m.9 views

Cisco Identity Services Engine Authorization Bypass Vulnerability

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to bypass the authorization mechanisms for specific administrative functions. This vulnerability is due to insufficient authorization enforcement mechanisms fo...

6.4CVSS7.2AI score0.00277EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/06/25 12:0 a.m.7 views

Cisco Identity Services Engine (cisco-sa-ise-auth-bypass-mVfKVQAU)

According to its self-reported version, Cisco ISE is affected by a vulnerability. - A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to bypass the authorization mechanisms for specific administrative function...

6.4CVSS5.7AI score0.00277EPSS
Exploits0References3
NVD
NVD
added 2021/03/10 6:15 p.m.18 views

CVE-2021-3034

An information exposure through log file vulnerability exists in Cortex XSOAR software where the secrets configured for the SAML single sign-on SSO integration can be logged to the '/var/log/demisto/' server logs when testing the integration during setup. This logged information includes the...

5.1CVSS0.00168EPSS
Exploits0References1
CVE
CVE
added 2021/03/10 6:10 p.m.65 views

CVE-2021-3034

CVE-2021-3034 affects Cortex XSOAR, where secrets for the SAML SSO integration can be logged into /var/log/demisto during setup testing. The vulnerability exposes private keys and the identity provider certificate due to log file leakage. Affected versions include Cortex XSOAR 5.5.0 builds earlie...

5.1CVSS5AI score0.00168EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder