The Admin portal in Cisco Identity Services Engine (ISE) 1.1.x, 1.2.0 before patch 17, 1.2.1 before patch 8, 1.3 before patch 5, and 1.4 before patch 4 allows remote malicious users to obtain administrative access via unspecified vectors, aka Bug ID CSCuw34253.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco identity services engine software 1.1.2 |
||
cisco identity services engine software 1.1.3 |
||
cisco identity services engine software 1.1.1 |
||
cisco identity services engine software 1.1.4 |
||
cisco identity services engine software 1.2(0.793) |
||
cisco identity services engine software 1.1 base |
||
cisco identity services engine software 1.3(0.876) |
||
cisco identity services engine software 1.2(1.198) |
||
cisco identity services engine software 1.3(0.722) |
||
cisco identity services engine software 1.2.1 |
||
cisco identity services engine software 1.2 base |
||
cisco identity services engine software 1.2(1.901) |
||
cisco identity services engine software 1.2.0.899 |
||
cisco identity services engine software 1.2(0.747) |
||
cisco identity services engine software 1.4(0.181) |
||
cisco identity services engine software 1.3(106.146) |
||
cisco identity services engine software 1.3(120.135) |
||
cisco identity services engine software 1.4(0.109) |
||
cisco identity services engine software 1.4(0.253) |
Wi-Fi gear, WLAN controllers, ISE get security patches
Cisco sysadmins have a busy day ahead of them, with vulnerabilities announced in wireless LAN controllers, the Cisco Identity Services Engine, and Aironet access points. The Aironet 1800 series flaw, CVE-2015-6336, is that old favorite: a hardcoded static password granting access to the device. Luckily, the account with the hardwired credential doesn't have admin privilege, so Cisco reckons its exposure is limited to denial-of-service attacks. The access points that need updating are the 1830e, ...