Identity Services Engine Software@- Security Vulnerabilities and Issues — Identity Services Engine Software@- CVE List

Lucene search

CiscoIdentity Services Engine Software-

3 matches found

CVE•added 2014/12/22 7:59 p.m.•46 views

CVE-2014-8017

The periodic-backup feature in Cisco Identity Services Engine (ISE) allows remote attackers to discover backup-encryption passwords via a crafted request that triggers inclusion of a password in a reply, aka Bug ID CSCur41673.

5CVSS6.9AI score0.00152EPSS

CVE•added 2014/12/22 7:59 p.m.•36 views

CVE-2014-8015

The Sponsor Portal in Cisco Identity Services Engine (ISE) allows remote authenticated users to obtain access to an arbitrary sponsor's guest account via a modified HTTP request, aka Bug ID CSCur64400.

4CVSS6.4AI score0.00171EPSS

CVE•added 2014/01/15 4:11 p.m.•35 views

CVE-2014-0665

The RBAC implementation in Cisco Identity Services Engine (ISE) Software does not properly verify privileges for support-bundle downloads, which allows remote authenticated users to obtain sensitive information via a download action, as demonstrated by obtaining read access to the user database, ak...

4CVSS5.8AI score0.00381EPSS