Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco identity services engine 2.3 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2018-0339
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. The vulnerability is due to insufficient i...
Cisco Identity Services Engine Software 2.3\\(0.298\\)
Cisco Identity Services Engine Software 2.4\\(0.126\\)
312
VMScore
CVE-2021-34759
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability ...
Cisco Identity Services Engine 2.4.0
Cisco Identity Services Engine 2.3.0
Cisco Identity Services Engine 2.6.0
Cisco Identity Services Engine 2.2.0
Cisco Identity Services Engine 2.7.0
Cisco Identity Services Engine 3.0.0
Cisco Identity Services Engine
356
VMScore
CVE-2019-1851
A vulnerability in the External RESTful Services (ERS) API of the Cisco Identity Services Engine (ISE) could allow an authenticated, remote malicious user to generate arbitrary certificates signed by the Internal Certificate Authority (CA) Services on ISE. This vulnerability is d...
Cisco Identity Services Engine 2.3\\(0.298\\)
Cisco Identity Services Engine 2.2\\(0.470\\)
Cisco Identity Services Engine 2.4\\(0.357\\)
356
VMScore
CVE-2021-1416
Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote malicious user to obtain sensitive information. These vulnerabilities are due to improper enforcement of administrator privilege levels for sensitive data. An...
Cisco Identity Services Engine 2.4.0
Cisco Identity Services Engine 2.3.0
Cisco Identity Services Engine 2.6.0
Cisco Identity Services Engine 2.7.0
Cisco Identity Services Engine 3.0.0
Cisco Identity Services Engine
356
VMScore
CVE-2021-1412
Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote malicious user to obtain sensitive information. These vulnerabilities are due to improper enforcement of administrator privilege levels for sensitive data. An...
Cisco Identity Services Engine 2.4.0
Cisco Identity Services Engine 2.3.0
Cisco Identity Services Engine 2.6.0
Cisco Identity Services Engine 2.7.0
Cisco Identity Services Engine 3.0.0
Cisco Identity Services Engine
641
VMScore
CVE-2017-12261
A vulnerability in the restricted shell of the Cisco Identity Services Engine (ISE) that is accessible via SSH could allow an authenticated, local malicious user to run arbitrary CLI commands with elevated privileges. The vulnerability is due to incomplete input validation of the...
Cisco Identity Services Engine 1.4
Cisco Identity Services Engine 2.0
Cisco Identity Services Engine 2.0.1
Cisco Identity Services Engine 2.1.0
Cisco Identity Services Engine Express 2.0
Cisco Identity Services Engine Express 2.0.1
Cisco Identity Services Engine Express 2.1.0
Cisco Identity Services Engine Express 1.4
Cisco Identity Services Engine Virtual Appliance 2.0
Cisco Identity Services Engine Virtual Appliance 2.1.0
Cisco Identity Services Engine Virtual Appliance 1.4
Cisco Identity Services Engine Virtual Appliance 2.0.1
578
VMScore
CVE-2018-15459
A vulnerability in the administrative web interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote malicious user to gain additional privileges on an affected device. The vulnerability is due to improper controls on certain pages in the web interface...
Cisco Identity Services Engine 2.5\\(0.1\\)
Cisco Identity Services Engine 2.3\\(0.298\\)
1 Article
641
VMScore
CVE-2018-0275
A vulnerability in the support tunnel feature of Cisco Identity Services Engine (ISE) could allow an authenticated, local malicious user to access the device's shell. The vulnerability is due to improper configuration of the support tunnel feature. An attacker could exploit ...
Cisco Identity Services Engine
958
VMScore
CVE-2018-11776
Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time, its upper package have no or...
Apache Struts
3 EDB exploits
45 Github repositories
3 Articles
1000
VMScore
CVE-2017-5638
The Jakarta Multipart parser in Apache Struts 2 2.3.x prior to 2.3.32 and 2.5.x prior to 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote malicious users to execute arbitrary commands via a crafted Content-Typ...
Apache Struts 2.3.5
Apache Struts 2.3.28
Apache Struts 2.3.20.2
Apache Struts 2.3.15
Apache Struts 2.3.25
Apache Struts 2.3.14
Apache Struts 2.3.13
Apache Struts 2.3.16
Apache Struts 2.3.24.2
Apache Struts 2.3.17
Apache Struts 2.3.24.1
Apache Struts 2.3.22
Apache Struts 2.3.9
Apache Struts 2.3.16.3
Apache Struts 2.3.23
Apache Struts 2.3.6
Apache Struts 2.3.24.3
Apache Struts 2.3.15.2
Apache Struts 2.3.29
Apache Struts 2.3.14.3
Apache Struts 2.3.19
Apache Struts 2.3.20.1
2 EDB exploits
2 Nmap scripts
144 Github repositories
15 Articles
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »