Identity Services Engine@2.2(0.470) Security Vulnerabilities and Issues — Identity Services Engine@2.2(0.470) CVE List

Lucene search

CiscoIdentity Services Engine2.2(0.470)

9 matches found

CVE•added 2020/01/26 5:15 a.m.•110 views

CVE-2019-15255

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to bypass authorization and access sensitive information related to the device. The vulnerability exists because the software fails to sanitize URLs before it ...

6.5CVSS6.5AI score0.002EPSS

CVE•added 2024/01/17 5:15 p.m.•90 views

CVE-2024-20251

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to perform a stored cross-site scripting (XSS) attack against a user of the interface on an affected device. This vulnerability exists because the web-based ma...

5.4CVSS5AI score0.00072EPSS

CVE•added 2019/05/16 2:29 a.m.•53 views

CVE-2019-1851

A vulnerability in the External RESTful Services (ERS) API of the Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to generate arbitrary certificates signed by the Internal Certificate Authority (CA) Services on ISE. This vulnerability is due to an incorrect implem...

6.8CVSS6.6AI score0.00122EPSS

CVE•added 2018/03/08 7:29 a.m.•48 views

CVE-2018-0221

A vulnerability in specific CLI commands for the Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to perform command injection to the underlying operating system or cause a hang or disconnect of the user session. The attacker needs valid administrator credentials fo...

7.2CVSS6.8AI score0.00356EPSS

CVE•added 2018/05/17 3:29 a.m.•47 views

CVE-2018-0277

A vulnerability in the Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) certificate validation during EAP authentication for the Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause the ISE application server to restart unexpectedly, cau...

8.6CVSS8.6AI score0.00387EPSS

CVE•added 2019/01/10 6:29 p.m.•43 views

CVE-2018-15456

A vulnerability in the Admin Portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to view saved passwords in plain text. The vulnerability is due to the incorrect inclusion of saved passwords when loading configuration pages in the Admin Portal. An attacker w...

4.9CVSS4.6AI score0.00141EPSS

CVE•added 2018/10/05 2:29 p.m.•41 views

CVE-2018-15425

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device with the privileges of the web server.

6.5CVSS5.4AI score0.00408EPSS

CVE•added 2018/03/08 7:29 a.m.•35 views

CVE-2018-0212

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insuff...

6.1CVSS5.9AI score0.00332EPSS

CVE•added 2018/10/05 2:29 p.m.•35 views

CVE-2018-15424

6.5CVSS5.4AI score0.00231EPSS