Cisco Identity Services Engine (ISE) prior to 2.0 allows remote authenticated users to bypass intended web-resource access restrictions via a direct request, aka Bug ID CSCuu45926.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco identity services engine software 1.3\\(120.135\\) |
||
cisco identity services engine software 1.3\\(106.146\\) |
||
cisco identity services engine software 1.2.1 |
||
cisco identity services engine software 1.1.4 |
||
cisco identity services engine software 1.1.3 |
||
cisco identity services engine software 1.1.2 |
||
cisco identity services engine software 1.1.1 |
||
cisco identity services engine software 1.0.4.573 |
||
cisco identity services engine software 1.0_mr_base |
||
cisco identity services engine software 1.2\\(1.198\\) |
||
cisco identity services engine software 1.4\\(0.109\\) |
||
cisco identity services engine software 1.2\\(0.793\\) |
||
cisco identity services engine software 1.2.0.899 |
||
cisco identity services engine software 1.2\\(0.747\\) |
||
cisco identity services engine software 1.2_base |
||
cisco identity services engine software 1.1_base |
||
cisco identity services engine software 1.3\\(0.722\\) |
||
cisco identity services engine software 1.2\\(1.901\\) |
||
cisco identity services engine software 1.0_base |
||
cisco identity services engine software 1.4\\(0.253\\) |
||
cisco identity services engine software 1.4\\(0.181\\) |
||
cisco identity services engine software 1.3\\(0.876\\) |
Wi-Fi gear, WLAN controllers, ISE get security patches
Cisco sysadmins have a busy day ahead of them, with vulnerabilities announced in wireless LAN controllers, the Cisco Identity Services Engine, and Aironet access points. The Aironet 1800 series flaw, CVE-2015-6336, is that old favorite: a hardcoded static password granting access to the device. Luckily, the account with the hardwired credential doesn't have admin privilege, so Cisco reckons its exposure is limited to denial-of-service attacks. The access points that need updating are the 1830e, ...