Identity Services Engine Software Security Vulnerabilities and Issues — Identity Services Engine Software CVE List

Lucene search

CiscoIdentity Services Engine Software

5 matches found

CVE•added 2016/01/15 3:59 a.m.•52 views

CVE-2015-6323

The Admin portal in Cisco Identity Services Engine (ISE) 1.1.x, 1.2.0 before patch 17, 1.2.1 before patch 8, 1.3 before patch 5, and 1.4 before patch 4 allows remote attackers to obtain administrative access via unspecified vectors, aka Bug ID CSCuw34253.

10CVSS9.3AI score0.01486EPSS

CVE•added 2016/08/22 10:59 a.m.•42 views

CVE-2016-1485

Cross-site scripting (XSS) vulnerability in Cisco Identity Services Engine 1.3(0.876) allows remote attackers to inject arbitrary web script or HTML via crafted parameters, aka Bug ID CSCva46497.

6.1CVSS6AI score0.00453EPSS

CVE•added 2016/01/23 5:59 a.m.•41 views

CVE-2015-6317

Cisco Identity Services Engine (ISE) before 2.0 allows remote authenticated users to bypass intended web-resource access restrictions via a direct request, aka Bug ID CSCuu45926.

6.8CVSS6.1AI score0.00139EPSS

CVE•added 2016/05/21 1:59 a.m.•41 views

CVE-2016-1402

The Active Directory (AD) integration component in Cisco Identity Service Engine (ISE) before 1.2.0.899 patch 7, when AD group-membership authorization is enabled, allows remote attackers to cause a denial of service (authentication outage) via a crafted Password Authentication Protocol (PAP) authe...

7.5CVSS7.4AI score0.01746EPSS

CVE•added 2016/12/14 12:59 a.m.•34 views

CVE-2016-9214

Cisco Identity Services Engine (ISE) contains a vulnerability that could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of the affected system. More Information: CSCvb86332 CSCvb86760. Known Affected Releases: 2.0(101.1...

6.1CVSS6AI score0.00349EPSS