Identity Services Engine Software@1.3(0.876) Security Vulnerabilities and Issues — Identity Services Engine Software@1.3(0.876) CVE List

Lucene search

CiscoIdentity Services Engine Software1.3(0.876)

5 matches found

CVE•added 2015/07/14 5:59 p.m.•53 views

CVE-2015-4268

Multiple cross-site scripting (XSS) vulnerabilities in the Infra Admin UI in Cisco Identity Services Engine (ISE) 1.2(1.198) and 1.3(0.876) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in a (1) GET or (2) POST request, aka Bug ID CSCus16052.

4.3CVSS5.9AI score0.00263EPSS

CVE•added 2016/01/15 3:59 a.m.•52 views

CVE-2015-6323

The Admin portal in Cisco Identity Services Engine (ISE) 1.1.x, 1.2.0 before patch 17, 1.2.1 before patch 8, 1.3 before patch 5, and 1.4 before patch 4 allows remote attackers to obtain administrative access via unspecified vectors, aka Bug ID CSCuw34253.

10CVSS9.3AI score0.01486EPSS

CVE•added 2015/07/15 6:59 p.m.•45 views

CVE-2015-4267

Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Identity Services Engine (ISE) 1.2(0.793), 1.3(0.876), 1.4(0.109), 2.0(0.147), and 2.0(0.169) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCus09940.

6.8CVSS7.4AI score0.00117EPSS

CVE•added 2016/08/22 10:59 a.m.•42 views

CVE-2016-1485

Cross-site scripting (XSS) vulnerability in Cisco Identity Services Engine 1.3(0.876) allows remote attackers to inject arbitrary web script or HTML via crafted parameters, aka Bug ID CSCva46497.

6.1CVSS6AI score0.00453EPSS

CVE•added 2016/01/23 5:59 a.m.•41 views

CVE-2015-6317

Cisco Identity Services Engine (ISE) before 2.0 allows remote authenticated users to bypass intended web-resource access restrictions via a direct request, aka Bug ID CSCuu45926.

6.8CVSS6.1AI score0.00139EPSS