Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
identity services engine vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2022-20967
A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote malicious user to conduct cross-site scripting attacks against other users of the application web-based management interface. This vulnerability is due to ...
Cisco Identity Services Engine
Cisco Identity Services Engine 2.6.0
Cisco Identity Services Engine 2.7.0
Cisco Identity Services Engine 3.0.0
Cisco Identity Services Engine 3.1
Cisco Identity Services Engine 3.2
8.8
CVSSv3
CVE-2022-20956
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote malicious user to bypass authorization and access system files. This vulnerability is due to improper access control in the web-based management inte...
Cisco Identity Services Engine 3.1
Cisco Identity Services Engine 3.2
5.3
CVSSv3
CVE-2022-20937
A vulnerability in a feature that monitors RADIUS requests on Cisco Identity Services Engine (ISE) Software could allow an unauthenticated, remote malicious user to negatively affect the performance of an affected device. This vulnerability is due to insufficient management of sy...
Cisco Identity Services Engine 2.7.0
Cisco Identity Services Engine 3.0.0
Cisco Identity Services Engine 3.1
Cisco Identity Services Engine
8.8
CVSSv3
CVE-2022-20961
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote malicious user to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. This vulnerability is due...
Cisco Identity Services Engine
Cisco Identity Services Engine 2.6.0
Cisco Identity Services Engine 2.7.0
Cisco Identity Services Engine 3.0.0
Cisco Identity Services Engine 3.1
5.4
CVSSv3
CVE-2022-20963
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. This vulner...
Cisco Identity Services Engine 2.7.0
Cisco Identity Services Engine 3.0.0
Cisco Identity Services Engine 3.1
Cisco Identity Services Engine
8.8
CVSSv3
CVE-2022-20962
A vulnerability in the Localdisk Management feature of Cisco Identity Services Engine (ISE) could allow an authenticated, remote malicious user to make unauthorized changes to the file system of an affected device. This vulnerability is due to insufficient input validation. An at...
Cisco Identity Services Engine 3.1
8.1
CVSSv3
CVE-2022-20822
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote malicious user to read and delete files on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attack...
Cisco Identity Services Engine 3.1
Cisco Identity Services Engine 3.2
1 Article
5.4
CVSSv3
CVE-2022-20959
A vulnerability in the External RESTful Services (ERS) API of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability...
Cisco Identity Services Engine 2.7.0
Cisco Identity Services Engine 3.0.0
Cisco Identity Services Engine 3.1
Cisco Identity Services Engine
Cisco Identity Services Engine 3.2
4.9
CVSSv3
CVE-2022-20914
A vulnerability in the External RESTful Services (ERS) API of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote malicious user to obtain sensitive information. This vulnerability is due to excessive verbosity in a specific REST API output. An atta...
Cisco Identity Services Engine 2.6.0
Cisco Identity Services Engine 2.7.0
Cisco Identity Services Engine 3.0.0
Cisco Identity Services Engine 3.1
Cisco Identity Services Engine
9.8
CVSSv3
CVE-2022-20733
A vulnerability in the login page of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote malicious user to log in without credentials and access all roles without any restrictions. This vulnerability is due to exposed sensitive Security Assertion Markup La...
Cisco Identity Services Engine 3.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377
CVE-2024-20859
CVE-2023-49606
inject
arbitrary
CVE-2024-33788
CVE-2024-30973
IDOR
CVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »