The Sponsor Portal in Cisco Identity Services Engine (ISE) uses weak permissions for uploaded files, which allows remote malicious users to read arbitrary files via a direct request, aka Bug ID CSCui67506.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco identity_services_engine_software - |
||
cisco identity_services_engine - |