Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco identity services engine software - vulnerabilities and exploits
(subscribe to this query)
6.7
CVSSv3
CVE-2023-20193
A vulnerability in the Embedded Service Router (ESR) of Cisco ISE could allow an authenticated, local malicious user to read, write, or delete arbitrary files on the underlying operating system and escalate their privileges to root. To exploit this vulnerability, an attacker must...
Cisco Identity Services Engine
1 Article
4.9
CVSSv3
CVE-2023-20194
A vulnerability in the ERS API of Cisco ISE could allow an authenticated, remote malicious user to read arbitrary files on the underlying operating system of an affected device. To exploit this vulnerability, an attacker must have valid Administrator-level privileges on the affec...
Cisco Identity Services Engine
Cisco Identity Services Engine 3.0.0
Cisco Identity Services Engine 3.1
Cisco Identity Services Engine 3.2
1 Article
8.6
CVSSv3
CVE-2023-20243
A vulnerability in the RADIUS message processing feature of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote malicious user to cause the affected system to stop processing RADIUS packets. This vulnerability is due to improper handling of certain RADIUS ...
Cisco Identity Services Engine 3.1
Cisco Identity Services Engine 3.2
6.5
CVSSv3
CVE-2023-20111
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote malicious user to access sensitive information. This vulnerability is due to the improper storage of sensitive information within the web-based manag...
Cisco Identity Services Engine
Cisco Identity Services Engine 2.7.0
Cisco Identity Services Engine 3.0.0
Cisco Identity Services Engine 3.1
6.5
CVSSv3
CVE-2023-20077
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote malicious user to download arbitrary files from the filesystem of an affected device. These vulnerabilities are due to insufficient input va...
Cisco Identity Services Engine
Cisco Identity Services Engine 3.2
6.7
CVSSv3
CVE-2023-20166
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated malicious user to perform path traversal attacks on the underlying operating system to either elevate privileges to root or read arbitrary files. To exploit these vulnerabilities, an att...
Cisco Identity Services Engine 3.2
6.5
CVSSv3
CVE-2023-20171
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated malicious user to delete or read arbitrary files on the underlying operating system. To exploit these vulnerabilities, an attacker must have valid credentials on an affected device. For ...
Cisco Identity Services Engine 3.1
Cisco Identity Services Engine 3.2
4.9
CVSSv3
CVE-2023-20172
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated malicious user to delete or read arbitrary files on the underlying operating system. To exploit these vulnerabilities, an attacker must have valid credentials on an affected device. For ...
Cisco Identity Services Engine 3.1
Cisco Identity Services Engine 3.2
4.9
CVSSv3
CVE-2023-20174
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote malicious user to read arbitrary files or conduct a server-side request forgery (SSRF) attack through an affected device. To exploit these v...
Cisco Identity Services Engine
Cisco Identity Services Engine 3.0.0
Cisco Identity Services Engine 3.1
Cisco Identity Services Engine 3.2
6.5
CVSSv3
CVE-2023-20087
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote malicious user to download arbitrary files from the filesystem of an affected device. These vulnerabilities are due to insufficient input va...
Cisco Identity Services Engine
Cisco Identity Services Engine 3.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »