Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
identity services engine software vulnerabilities and exploits
(subscribe to this query)
6.7
CVSSv3
CVE-2020-27122
A vulnerability in the Microsoft Active Directory integration of Cisco Identity Services Engine (ISE) could allow an authenticated, local malicious user to elevate privileges on an affected device. To exploit this vulnerability, an attacker would need to have a valid administrato...
Cisco Identity Services Engine
6.7
CVSSv3
CVE-2018-0275
A vulnerability in the support tunnel feature of Cisco Identity Services Engine (ISE) could allow an authenticated, local malicious user to access the device's shell. The vulnerability is due to improper configuration of the support tunnel feature. An attacker could exploit ...
Cisco Identity Services Engine
6.7
CVSSv3
CVE-2018-0221
A vulnerability in specific CLI commands for the Cisco Identity Services Engine (ISE) could allow an authenticated, local malicious user to perform command injection to the underlying operating system or cause a hang or disconnect of the user session. The attacker needs valid adm...
Cisco Identity Services Engine 2.0\\(0.249\\)
Cisco Identity Services Engine 2.1\\(0.474\\)
Cisco Identity Services Engine 2.2\\(0.903\\)
Cisco Identity Services Engine 2.4\\(0.192\\)
Cisco Identity Services Engine 2.2\\(0.470\\)
Cisco Identity Services Engine 2.3\\(0.298\\)
6.6
CVSSv3
CVE-2021-44832
Apache Log4j2 versions 2.0-beta7 up to and including 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the tar...
Apache Log4j 2.0
Apache Log4j
Oracle Weblogic Server 12.2.1.3.0
Oracle Primavera Unifier 18.8
Oracle Weblogic Server 12.2.1.4.0
Oracle Primavera Unifier 19.12
Oracle Weblogic Server 14.1.1.0.0
Oracle Primavera Unifier 20.12
Oracle Communications Interactive Session Recorder 6.3
Oracle Communications Interactive Session Recorder 6.4
Oracle Primavera Gateway
Oracle Retail Assortment Planning 16.0.3
Oracle Primavera Unifier 21.12
Oracle Primavera P6 Enterprise Project Portfolio Management 21.12.0.0
Oracle Primavera P6 Enterprise Project Portfolio Management
Oracle Primavera Gateway 21.12.0
Oracle Retail Fiscal Management 14.2
Oracle Siebel Ui Framework 21.12
Oracle Communications Diameter Signaling Router
Cisco Cloudcenter 4.10.0.16
Fedoraproject Fedora 34
Fedoraproject Fedora 35
34 Github repositories
4 Articles
6.6
CVSSv3
CVE-2019-1736
A vulnerability in the firmware of the Cisco UCS C-Series Rack Servers could allow an authenticated, physical malicious user to bypass Unified Extensible Firmware Interface (UEFI) Secure Boot validation checks and load a compromised software image on an affected device. The vulne...
Cisco Fmc1000-k9 Bios
Cisco Fmc1000-k9 Firmware
Cisco Fmc2500-k9 Bios
Cisco Fmc2500-k9 Firmware
Cisco Fmc4500-k9 Bios
Cisco Fmc4500-k9 Firmware
Cisco Sns-3515-k9 Bios
Cisco Sns-3515-k9 Firmware
Cisco Sns-3595-k9 Bios
Cisco Sns-3595-k9 Firmware
Cisco Sns-3615-k9 Bios
Cisco Sns-3615-k9 Firmware
Cisco Sns-3655-k9 Bios
Cisco Sns-3655-k9 Firmware
Cisco Sns-3695-k9 Bios
Cisco Sns-3695-k9 Firmware
Cisco Tg5004-k9 Bios
Cisco Tg5004-k9 Firmware
Cisco Tg5004-k9-rf Bios
Cisco Tg5004-k9-rf Firmware
Cisco Identity Services Engine 2.4\\(0.357\\)
Cisco Identity Services Engine 2.6\\(0.156\\)
6.5
CVSSv3
CVE-2023-20111
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote malicious user to access sensitive information. This vulnerability is due to the improper storage of sensitive information within the web-based manag...
Cisco Identity Services Engine
Cisco Identity Services Engine 2.7.0
Cisco Identity Services Engine 3.0.0
Cisco Identity Services Engine 3.1
6.5
CVSSv3
CVE-2023-20171
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated malicious user to delete or read arbitrary files on the underlying operating system. To exploit these vulnerabilities, an attacker must have valid credentials on an affected device. For ...
Cisco Identity Services Engine 3.1
Cisco Identity Services Engine 3.2
6.5
CVSSv3
CVE-2023-20077
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote malicious user to download arbitrary files from the filesystem of an affected device. These vulnerabilities are due to insufficient input va...
Cisco Identity Services Engine
Cisco Identity Services Engine 3.2
6.5
CVSSv3
CVE-2023-20087
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote malicious user to download arbitrary files from the filesystem of an affected device. These vulnerabilities are due to insufficient input va...
Cisco Identity Services Engine
Cisco Identity Services Engine 3.2
6.5
CVSSv3
CVE-2022-20819
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote malicious user to obtain sensitive information from an affected device. This vulnerability exists because administrative privilege levels for sensiti...
Cisco Identity Services Engine 2.4.0.357
Cisco Identity Services Engine 2.6.0.156
Cisco Identity Services Engine
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »