7 matches found
CVE-2025-20264
A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to bypass the authorization mechanisms for specific administrative functions. This vulnerability is due to insufficient authorization enforcement mechanisms fo...
CVE-2025-20264 Cisco Identity Services Engine Authorization Bypass Vulnerability
A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to bypass the authorization mechanisms for specific administrative functions. This vulnerability is due to insufficient authorization enforcement mechanisms fo...
CVE-2025-20264
Cisco ISE (Identity Services Engine) is affected by CVE-2025-20264, a vulnerability in the web-based management interface that allows an authenticated remote attacker to bypass authorization for specific administrative functions. The root cause is insufficient authorization enforcement for users ...
Cisco Identity Services Engine Authorization Bypass Vulnerability
A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to bypass the authorization mechanisms for specific administrative functions. This vulnerability is due to insufficient authorization enforcement mechanisms fo...
Cisco Identity Services Engine (cisco-sa-ise-auth-bypass-mVfKVQAU)
According to its self-reported version, Cisco ISE is affected by a vulnerability. - A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to bypass the authorization mechanisms for specific administrative function...
CVE-2021-3034
An information exposure through log file vulnerability exists in Cortex XSOAR software where the secrets configured for the SAML single sign-on SSO integration can be logged to the '/var/log/demisto/' server logs when testing the integration during setup. This logged information includes the...
CVE-2021-3034
CVE-2021-3034 affects Cortex XSOAR, where secrets for the SAML SSO integration can be logged into /var/log/demisto during setup testing. The vulnerability exposes private keys and the identity provider certificate due to log file leakage. Affected versions include Cortex XSOAR 5.5.0 builds earlie...