Latest cisco identity services engine Vulnerabilities

CVE-2024-20251
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to perform a stored cross-site scripting (XSS) attack agains...
Cisco Identity Services Engine=1.0
Cisco Identity Services Engine=1.0.4
Cisco Identity Services Engine=1.1
Cisco Identity Services Engine=1.1.1
Cisco Identity Services Engine=1.1.2
Cisco Identity Services Engine=1.1.3
and 202 more
CVE-2023-20272
A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to upload malicious files to the web root of the application. This...
Cisco Identity Services Engine=3.0.0
Cisco Identity Services Engine=3.0.0-patch1
Cisco Identity Services Engine=3.0.0-patch2
Cisco Identity Services Engine=3.0.0-patch3
Cisco Identity Services Engine=3.0.0-patch4
Cisco Identity Services Engine=3.0.0-patch5
and 7 more
CVE-2023-20208
A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to conduct an XSS attack against a user of the web-based management interface of an aff...
Cisco Identity Services Engine=3.0.0
Cisco Identity Services Engine=3.0.0-patch1
Cisco Identity Services Engine=3.0.0-patch2
Cisco Identity Services Engine=3.0.0-patch3
Cisco Identity Services Engine=3.0.0-patch4
Cisco Identity Services Engine=3.0.0-patch5
and 9 more
CVE-2023-20175
A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root....
Cisco Identity Services Engine=2.6.0-patch1
Cisco Identity Services Engine=2.6.0-patch10
Cisco Identity Services Engine=2.6.0-patch11
Cisco Identity Services Engine=2.6.0-patch2
Cisco Identity Services Engine=2.6.0-patch3
Cisco Identity Services Engine=2.6.0-patch4
and 29 more
CVE-2023-20170
A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root....
Cisco Identity Services Engine=3.2
Cisco Identity Services Engine=3.2-patch1
Cisco Identity Services Engine=3.2-patch2
CVE-2023-20196
Two vulnerabilities in Cisco ISE could allow an authenticated, remote attacker to upload arbitrary files to an affected device. To exploit these vulnerabilities, an attacker must have valid Administra...
Cisco Identity Services Engine=2.7.0
Cisco Identity Services Engine=2.7.0-patch1
Cisco Identity Services Engine=2.7.0-patch2
Cisco Identity Services Engine=2.7.0-patch3
Cisco Identity Services Engine=2.7.0-patch4
Cisco Identity Services Engine=2.7.0-patch5
and 23 more
CVE-2023-20195
Two vulnerabilities in Cisco ISE could allow an authenticated, remote attacker to upload arbitrary files to an affected device. To exploit these vulnerabilities, an attacker must have valid Administra...
Cisco Identity Services Engine=2.7.0
Cisco Identity Services Engine=2.7.0-patch1
Cisco Identity Services Engine=2.7.0-patch2
Cisco Identity Services Engine=2.7.0-patch3
Cisco Identity Services Engine=2.7.0-patch4
Cisco Identity Services Engine=2.7.0-patch5
and 23 more
CVE-2023-20213
A vulnerability in the CDP processing feature of Cisco ISE could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of the CDP process on an affected device. This...
Cisco Identity Services Engine=2.7.0
Cisco Identity Services Engine=2.7.0-patch1
Cisco Identity Services Engine=2.7.0-patch2
Cisco Identity Services Engine=2.7.0-patch3
Cisco Identity Services Engine=2.7.0-patch4
Cisco Identity Services Engine=2.7.0-patch5
and 19 more
CVE-2023-20194
A vulnerability in the ERS API of Cisco ISE could allow an authenticated, remote attacker to read arbitrary files on the underlying operating system of an affected device. To exploit this vulnerabilit...
Cisco Identity Services Engine<=2.7
Cisco Identity Services Engine=3.0.0
Cisco Identity Services Engine=3.0.0-patch1
Cisco Identity Services Engine=3.0.0-patch2
Cisco Identity Services Engine=3.0.0-patch3
Cisco Identity Services Engine=3.0.0-patch4
and 13 more
CVE-2023-20193
A vulnerability in the Embedded Service Router (ESR) of Cisco ISE could allow an authenticated, local attacker to read, write, or delete arbitrary files on the underlying operating system and escalate...
Cisco Identity Services Engine<=2.7
Cisco Identity Services Engine>=3.0<=3.3
CVE-2023-20243
A vulnerability in the RADIUS message processing feature of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause the affected system to stop processing RADIUS ...
Cisco Identity Services Engine=3.1
Cisco Identity Services Engine=3.1-patch1
Cisco Identity Services Engine=3.1-patch2
Cisco Identity Services Engine=3.1-patch3
Cisco Identity Services Engine=3.1-patch4
Cisco Identity Services Engine=3.1-patch5
and 4 more
CVE-2023-20111
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to access sensitive information. This vulnerability is du...
Cisco Identity Services Engine<=2.6.0
Cisco Identity Services Engine=2.7.0
Cisco Identity Services Engine=2.7.0-patch1
Cisco Identity Services Engine=2.7.0-patch2
Cisco Identity Services Engine=2.7.0-patch3
Cisco Identity Services Engine=2.7.0-patch4
and 19 more
CVE-2023-20167
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform path traversal attacks on the underlying operating system to either elevate privileges...
Cisco Identity Services Engine<3.1
Cisco Identity Services Engine=3.1
Cisco Identity Services Engine=3.1-patch1
Cisco Identity Services Engine=3.1-patch3
Cisco Identity Services Engine=3.1-patch4
Cisco Identity Services Engine=3.1-patch5
and 3 more
CVE-2023-20163
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform command injection attacks on the underlying operating system and elevate privileges to...
Cisco Identity Services Engine<=2.7
Cisco Identity Services Engine=3.0.0
Cisco Identity Services Engine=3.0.0-patch1
Cisco Identity Services Engine=3.0.0-patch2
Cisco Identity Services Engine=3.0.0-patch3
Cisco Identity Services Engine=3.0.0-patch4
and 11 more
CVE-2023-20172
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to delete or read arbitrary files on the underlying operating system. To exploit these vulnerabil...
Cisco Identity Services Engine=3.1
Cisco Identity Services Engine=3.1-patch1
Cisco Identity Services Engine=3.1-patch3
Cisco Identity Services Engine=3.1-patch4
Cisco Identity Services Engine=3.1-patch5
Cisco Identity Services Engine=3.2
and 1 more
CVE-2023-20173
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to read arbitrary files or conduct a server-side re...
Cisco Identity Services Engine<3.0.0
Cisco Identity Services Engine=3.0.0
Cisco Identity Services Engine=3.0.0-patch1
Cisco Identity Services Engine=3.0.0-patch2
Cisco Identity Services Engine=3.0.0-patch3
Cisco Identity Services Engine=3.0.0-patch4
and 11 more
CVE-2023-20164
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform command injection attacks on the underlying operating system and elevate privileges to...
Cisco Identity Services Engine<=2.7
Cisco Identity Services Engine=3.0.0
Cisco Identity Services Engine=3.0.0-patch1
Cisco Identity Services Engine=3.0.0-patch2
Cisco Identity Services Engine=3.0.0-patch3
Cisco Identity Services Engine=3.0.0-patch4
and 11 more
CVE-2023-20171
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to delete or read arbitrary files on the underlying operating system. To exploit these vulnerabil...
Cisco Identity Services Engine=3.1
Cisco Identity Services Engine=3.1-patch1
Cisco Identity Services Engine=3.1-patch3
Cisco Identity Services Engine=3.1-patch4
Cisco Identity Services Engine=3.1-patch5
Cisco Identity Services Engine=3.2
and 1 more
CVE-2023-20166
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform path traversal attacks on the underlying operating system to either elevate privileges...
Cisco Identity Services Engine=3.2
Cisco Identity Services Engine=3.2-patch1
CVE-2023-20174
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to read arbitrary files or conduct a server-side re...
Cisco Identity Services Engine<3.0.0
Cisco Identity Services Engine=3.0.0
Cisco Identity Services Engine=3.0.0-patch1
Cisco Identity Services Engine=3.0.0-patch2
Cisco Identity Services Engine=3.0.0-patch3
Cisco Identity Services Engine=3.0.0-patch4
and 11 more
CVE-2023-20077
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to download arbitrary files from the filesystem of ...
Cisco Identity Services Engine<=3.1
Cisco Identity Services Engine=3.2
CVE-2023-20087
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to download arbitrary files from the filesystem of ...
Cisco Identity Services Engine<=3.1
Cisco Identity Services Engine=3.2
CVE-2023-20106
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to delete or read arbitrary files on the underlying operating system. To exploit these vulnerabil...
Cisco Identity Services Engine=3.1
Cisco Identity Services Engine=3.1-patch1
Cisco Identity Services Engine=3.1-patch3
Cisco Identity Services Engine=3.1-patch4
Cisco Identity Services Engine=3.1-patch5
Cisco Identity Services Engine=3.2
and 1 more
CVE-2023-20122
Multiple vulnerabilities in the restricted shell of Cisco Evolved Programmable Network Manager (EPNM), Cisco Identity Services Engine (ISE), and Cisco Prime Infrastructure could allow an authenticated...
Cisco Identity Services Engine=3.2
CVE-2023-20121
Multiple vulnerabilities in the restricted shell of Cisco Evolved Programmable Network Manager (EPNM), Cisco Identity Services Engine (ISE), and Cisco Prime Infrastructure could allow an authenticated...
Cisco Evolved Programmable Network Manager<7.0.1
Cisco Identity Services Engine=3.2
Cisco Prime Infrastructure<3.10.4
CVE-2023-20152
Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local attacker to perform command injection attacks on the underlying operating sys...
Cisco Identity Services Engine=3.2
CVE-2023-20022
Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local attacker to perform command injection attacks on the underlying operating sys...
Cisco Identity Services Engine=3.2
CVE-2023-20023
Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local attacker to perform command injection attacks on the underlying operating sys...
Cisco Identity Services Engine=3.2
CVE-2023-20030
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to access sensitive information, conduct a server-side reque...
Cisco Identity Services Engine<3.2
Cisco Identity Services Engine=3.2
CVE-2023-20021
Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local attacker to perform command injection attacks on the underlying operating sys...
Cisco Identity Services Engine=3.2
CVE-2023-20085
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a u...
Cisco Identity Services Engine=3.2
CVE-2022-20967
A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to conduct cross-site scripting attacks against other users of the...
Cisco Identity Services Engine<2.6.0
Cisco Identity Services Engine=2.6.0
Cisco Identity Services Engine=2.6.0-patch1
Cisco Identity Services Engine=2.6.0-patch10
Cisco Identity Services Engine=2.6.0-patch11
Cisco Identity Services Engine=2.6.0-patch12
and 27 more
CVE-2022-20964
A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to inject arbitrary commands on the underlying operating system. ...
Cisco Identity Services Engine<2.6.0
Cisco Identity Services Engine=2.6.0
Cisco Identity Services Engine=2.6.0-patch1
Cisco Identity Services Engine=2.6.0-patch10
Cisco Identity Services Engine=2.6.0-patch11
Cisco Identity Services Engine=2.6.0-patch12
and 27 more
CVE-2022-20966
A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to conduct cross-site scripting attacks against other users of the...
Cisco Identity Services Engine<2.6.0
Cisco Identity Services Engine=2.6.0
Cisco Identity Services Engine=2.6.0-patch1
Cisco Identity Services Engine=2.6.0-patch10
Cisco Identity Services Engine=2.6.0-patch11
Cisco Identity Services Engine=2.6.0-patch12
and 27 more
CVE-2022-20965
A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to take privileges actions within the web-based management interfa...
Cisco Identity Services Engine<2.6.0
Cisco Identity Services Engine=2.6.0
Cisco Identity Services Engine=2.6.0-patch1
Cisco Identity Services Engine=2.6.0-patch10
Cisco Identity Services Engine=2.6.0-patch11
Cisco Identity Services Engine=2.6.0-patch12
and 27 more
CVE-2022-20962
A vulnerability in the Localdisk Management feature of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to make unauthorized changes to the file system of an affected...
Cisco Identity Services Engine=3.1
Cisco Identity Services Engine=3.1-patch1
Cisco Identity Services Engine=3.1-patch3
CVE-2022-20963
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a use...
Cisco Identity Services Engine<2.7.0
Cisco Identity Services Engine=2.7.0
Cisco Identity Services Engine=2.7.0-patch1
Cisco Identity Services Engine=2.7.0-patch2
Cisco Identity Services Engine=2.7.0-patch3
Cisco Identity Services Engine=2.7.0-patch4
and 13 more
CVE-2022-20937
A vulnerability in a feature that monitors RADIUS requests on Cisco Identity Services Engine (ISE) Software could allow an unauthenticated, remote attacker to negatively affect the performance of an a...
Cisco Identity Services Engine<2.7.0
Cisco Identity Services Engine=2.7.0
Cisco Identity Services Engine=2.7.0-patch1
Cisco Identity Services Engine=2.7.0-patch2
Cisco Identity Services Engine=2.7.0-patch3
Cisco Identity Services Engine=2.7.0-patch4
and 12 more
CVE-2022-20956
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to bypass authorization and access system files. This vul...
Cisco Identity Services Engine=3.1
Cisco Identity Services Engine=3.1-patch1
Cisco Identity Services Engine=3.1-patch3
Cisco Identity Services Engine=3.1-patch4
Cisco Identity Services Engine=3.2
CVE-2022-20961
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and ...
Cisco Identity Services Engine<2.6.0
Cisco Identity Services Engine=2.6.0
Cisco Identity Services Engine=2.6.0-patch1
Cisco Identity Services Engine=2.6.0-patch10
Cisco Identity Services Engine=2.6.0-patch11
Cisco Identity Services Engine=2.6.0-patch2
and 23 more
CVE-2022-20959
Cisco Identity Services Engine Cross-Site Scripting Vulnerability
Cisco Identity Services Engine>=2.4<2.7.0
Cisco Identity Services Engine=2.7.0
Cisco Identity Services Engine=2.7.0-patch1
Cisco Identity Services Engine=2.7.0-patch2
Cisco Identity Services Engine=2.7.0-patch3
Cisco Identity Services Engine=2.7.0-patch4
and 14 more
CVE-2022-20822
Cisco Identity Services Engine Unauthorized File Access Vulnerability
Cisco Identity Services Engine=3.1
Cisco Identity Services Engine=3.1-patch1
Cisco Identity Services Engine=3.1-patch3
Cisco Identity Services Engine=3.2
CVE-2022-20914
A vulnerability in the External RESTful Services (ERS) API of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker to obtain sensitive information. This vulnerab...
Cisco Identity Services Engine>=2.4.0<2.6.0
Cisco Identity Services Engine=2.6.0
Cisco Identity Services Engine=2.6.0-patch1
Cisco Identity Services Engine=2.6.0-patch10
Cisco Identity Services Engine=2.6.0-patch2
Cisco Identity Services Engine=2.6.0-patch3
and 21 more
CVE-2022-20819
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information from an affected device. Thi...
Cisco Identity Services Engine<2.4.0.357
Cisco Identity Services Engine>=2.6.<2.6.0.156
Cisco Identity Services Engine>=2.7<2.7.0.305
Cisco Identity Services Engine=2.4.0.357
Cisco Identity Services Engine=2.4.0.357-patch1
Cisco Identity Services Engine=2.4.0.357-patch10
and 11 more
CVE-2022-20733
A vulnerability in the login page of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to log in without credentials and access all roles without any restrictions. T...
Cisco Identity Services Engine=3.1
Cisco Identity Services Engine=3.1-patch1
CVE-2022-20756
A vulnerability in the RADIUS feature of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause the affected system to stop processing RADIUS packets. This vulne...
Cisco Identity Services Engine=2.2.0-patch17
Cisco Identity Services Engine=2.4.0-patch12
Cisco Identity Services Engine=2.4.0-patch13
Cisco Identity Services Engine=2.4.0-patch14
Cisco Identity Services Engine=2.6.0-patch10
Cisco Identity Services Engine=2.6.0-patch5
and 10 more
CVE-2022-20782
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information from an affected device. Thi...
Cisco Identity Services Engine=2.6.0
Cisco Identity Services Engine=2.6.0-patch1
Cisco Identity Services Engine=2.6.0-patch10
Cisco Identity Services Engine=2.6.0-patch2
Cisco Identity Services Engine=2.6.0-patch3
Cisco Identity Services Engine=2.6.0-patch5
and 17 more
CVE-2021-44228
Apache Log4j2 Remote Code Execution Vulnerability
debian/apache-log4j1.2
debian/apache-log4j2
debian/apache-log4j2<=2.13.3-1<=2.7-2<=2.11.1-2
Apple Xcode<13.3
Apache Log4j2
redhat/log4j<2.15.0
and 429 more
CVE-2021-40121
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an attacker to conduct a cross-site scripting (XSS) attack against a user of...
Cisco Identity Services Engine<=2.6
Cisco Identity Services Engine=2.6\(0.156\)
Cisco Identity Services Engine=2.6\(0.999\)
Cisco Identity Services Engine=2.6.0
Cisco Identity Services Engine=2.6.0-patch1
Cisco Identity Services Engine=2.6.0-patch2
and 20 more
CVE-2021-40123
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative read-only privileges to download files t...
Cisco Identity Services Engine<=2.6
Cisco Identity Services Engine=2.6.0
Cisco Identity Services Engine=2.6.0-patch1
Cisco Identity Services Engine=2.6.0-patch2
Cisco Identity Services Engine=2.6.0-patch3
Cisco Identity Services Engine=2.6.0-patch5
and 19 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203