Identity Services Engine@2.7 Security Vulnerabilities and Issues — Identity Services Engine@2.7 CVE List

Lucene search

CiscoIdentity Services Engine2.7

7 matches found

CVE•added 2024/01/17 5:15 p.m.•90 views

CVE-2024-20251

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to perform a stored cross-site scripting (XSS) attack against a user of the interface on an affected device. This vulnerability exists because the web-based ma...

5.4CVSS5AI score0.00072EPSS

CVE•added 2020/02/19 8:15 p.m.•62 views

CVE-2020-3156

A vulnerability in the logging component of Cisco Identity Services Engine could allow an unauthenticated remote attacker to conduct cross-site scripting attacks. The vulnerability is due to the improper validation of endpoint data stored in logs used by the web-based interface. An attacker could e...

6.1CVSS6.2AI score0.00208EPSS

CVE•added 2020/10/08 5:15 a.m.•60 views

CVE-2020-3467

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to modify parts of the configuration on an affected device. The vulnerability is due to improper enforcement of role-based access control (RBAC) within the web...

7.7CVSS7.3AI score0.00131EPSS

CVE•added 2020/11/06 7:15 p.m.•60 views

CVE-2020-3551

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. The vulnerability exists because the web-based manageme...

6.1CVSS5.9AI score0.00346EPSS

CVE•added 2021/10/21 3:15 a.m.•43 views

CVE-2021-34738

Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. For more information about these vulnerabilities, see the Details section of this a...

6.1CVSS6AI score0.00526EPSS

CVE•added 2021/10/21 3:15 a.m.•42 views

CVE-2021-40121

6.1CVSS5.3AI score0.00455EPSS

CVE•added 2021/10/21 3:15 a.m.•38 views

CVE-2021-40123

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative read-only privileges to download files that should be restricted. This vulnerability is due to incorrect permissions settings on an affecte...

6.5CVSS5AI score0.00048EPSS