Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
thnThe Hacker NewsTHN:E99704AFF64BD0B9F1521A005A78A52F
HistorySep 22, 2011 - 1:13 a.m.

Vulnerability in its Identity Services Engine of Cisco

2011-09-2201:13:00
The Hacker News
thehackernews.com
6

EPSS

0.011

Percentile

84.2%

JSON

Vulnerability in its Identity Services Engine ofCisco

The Hacker News

Cisco is warning users of a critical vulnerability (CVE-2011-3290) in its Identity Services Engine (ISE). In its security advisory, the company says that the underlying database used by ISE, its identity and access control policy platform, contains three sets of default credentials that could be exploited by a remote attacker without any end-user interaction.

Using these credentials, an attacker could modify the configuration and settings, or even gain complete administrative control of a device. All hardware appliance and software-only versions of Cisco ISE prior to 1.0.4.MR2 are affected.The company says that it will release a free update to the software to address the vulnerability on 30 September 2011; no temporary workaround is available. Once released, the updates will be available to download from the Cisco Software Center.
[Source]

Related

cve 1
nvd 1
prion 1
cvelist 1
cve
cve
CVE-2011-3290
2011-09-21 16:55:04
nvd
nvd
CVE-2011-3290
2011-09-21 16:55:04
prion
prion
Design/Logic Flaw
2011-09-21 16:55:00
cvelist
cvelist
CVE-2011-3290
2011-09-21 16:00:00

EPSS

0.011

Percentile

84.2%

JSON
Related for THN:E99704AFF64BD0B9F1521A005A78A52F
cve1nvd1prion1cvelist1