Identity Services Engine@2.6.0 Security Vulnerabilities and Issues — Identity Services Engine@2.6.0 CVE List

Lucene search

CiscoIdentity Services Engine2.6.0

4 matches found

CVE•added 2020/10/08 5:15 a.m.•110 views

CVE-2020-3589

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability exists because the w...

4.8CVSS4.9AI score0.00197EPSS

CVE•added 2020/02/19 8:15 p.m.•62 views

CVE-2020-3156

A vulnerability in the logging component of Cisco Identity Services Engine could allow an unauthenticated remote attacker to conduct cross-site scripting attacks. The vulnerability is due to the improper validation of endpoint data stored in logs used by the web-based interface. An attacker could e...

6.1CVSS6.2AI score0.00208EPSS

CVE•added 2020/10/08 5:15 a.m.•60 views

CVE-2020-3467

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to modify parts of the configuration on an affected device. The vulnerability is due to improper enforcement of role-based access control (RBAC) within the web...

7.7CVSS7.3AI score0.00131EPSS

CVE•added 2020/07/02 5:15 a.m.•45 views

CVE-2020-3340

Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to insuf...

4.8CVSS5AI score0.0017EPSS