Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
identity services engine software vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-20022
Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local malicious user to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an a...
Cisco Identity Services Engine 3.2
NA
CVE-2023-20023
Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local malicious user to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an a...
Cisco Identity Services Engine 3.2
NA
CVE-2023-02121
Multiple vulnerabilities in the restricted shell of Cisco Evolved Programmable Network Manager (EPNM), Cisco Identity Services Engine (ISE), and Cisco Prime Infrastructure could allow an authenticated, local attacker to escape the restricted shell and gain root privileges on the ...
NA
CVE-2023-20021
Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local malicious user to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an a...
Cisco Identity Services Engine 3.2
NA
CVE-2023-20085
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. This vuln...
Cisco Identity Services Engine 3.2
NA
CVE-2022-20965
A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote malicious user to take privileges actions within the web-based management interface. This vulnerability is due to improper access control on a feature with...
Cisco Identity Services Engine
Cisco Identity Services Engine 2.6.0
Cisco Identity Services Engine 2.7.0
Cisco Identity Services Engine 3.0.0
Cisco Identity Services Engine 3.1
Cisco Identity Services Engine 3.2
NA
CVE-2022-20966
A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote malicious user to conduct cross-site scripting attacks against other users of the application web-based management interface. This vulnerability is due to ...
Cisco Identity Services Engine
Cisco Identity Services Engine 2.6.0
Cisco Identity Services Engine 2.7.0
Cisco Identity Services Engine 3.0.0
Cisco Identity Services Engine 3.1
Cisco Identity Services Engine 3.2
NA
CVE-2022-20967
A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote malicious user to conduct cross-site scripting attacks against other users of the application web-based management interface. This vulnerability is due to ...
Cisco Identity Services Engine
Cisco Identity Services Engine 2.6.0
Cisco Identity Services Engine 2.7.0
Cisco Identity Services Engine 3.0.0
Cisco Identity Services Engine 3.1
Cisco Identity Services Engine 3.2
NA
CVE-2022-20964
A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote malicious user to inject arbitrary commands on the underlying operating system. This vulnerability is due to improper validation of user input within reque...
Cisco Identity Services Engine
Cisco Identity Services Engine 2.6.0
Cisco Identity Services Engine 2.7.0
Cisco Identity Services Engine 3.0.0
Cisco Identity Services Engine 3.1
Cisco Identity Services Engine 3.2
NA
CVE-2022-20956
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote malicious user to bypass authorization and access system files. This vulnerability is due to improper access control in the web-based management inte...
Cisco Identity Services Engine 3.1
Cisco Identity Services Engine 3.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »