Cisco

Identity Services Engine

140 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2023-20175

  • EPSS 0.1%
  • Published 01.11.2023 18:15:09
  • Last modified 21.11.2024 07:40:44

A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, an attacker must h...

7.2

CVE-2023-20196

  • EPSS 0.42%
  • Published 01.11.2023 18:15:09
  • Last modified 21.11.2024 07:40:48

Two vulnerabilities in Cisco ISE could allow an authenticated, remote attacker to upload arbitrary files to an affected device. To exploit these vulnerabilities, an attacker must have valid Administrator credentials on the affected device. These vuln...

7.2

CVE-2023-20195

  • EPSS 0.42%
  • Published 01.11.2023 17:15:11
  • Last modified 21.11.2024 07:40:48

Two vulnerabilities in Cisco ISE could allow an authenticated, remote attacker to upload arbitrary files to an affected device. To exploit these vulnerabilities, an attacker must have valid Administrator credentials on the affected device. These vuln...

4.3

CVE-2023-20213

  • EPSS 0.04%
  • Published 01.11.2023 17:15:11
  • Last modified 21.11.2024 07:40:54

A vulnerability in the CDP processing feature of Cisco ISE could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of the CDP process on an affected device. This vulnerability is due to insufficient bounds check...

6.7

CVE-2023-20193

  • EPSS 0.03%
  • Published 07.09.2023 20:15:07
  • Last modified 21.11.2024 07:40:48

A vulnerability in the Embedded Service Router (ESR) of Cisco ISE could allow an authenticated, local attacker to read, write, or delete arbitrary files on the underlying operating system and escalate their privileges to root. To exploit this vulnera...

4.9

CVE-2023-20194

  • EPSS 0.06%
  • Published 07.09.2023 20:15:07
  • Last modified 21.11.2024 07:40:48

A vulnerability in the ERS API of Cisco ISE could allow an authenticated, remote attacker to read arbitrary files on the underlying operating system of an affected device. To exploit this vulnerability, an attacker must have valid Administrator-level...

8.6

CVE-2023-20243

  • EPSS 0.38%
  • Published 06.09.2023 18:15:08
  • Last modified 21.11.2024 07:40:58

A vulnerability in the RADIUS message processing feature of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause the affected system to stop processing RADIUS packets. This vulnerability is due to improper ...

6.5

CVE-2023-20111

  • EPSS 0.15%
  • Published 16.08.2023 22:15:10
  • Last modified 21.11.2024 07:40:34

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to access sensitive information. This vulnerability is due to the improper storage of sensitive information...

7.2

CVE-2023-20163

  • EPSS 0.35%
  • Published 18.05.2023 03:15:10
  • Last modified 21.11.2024 07:40:43

Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an attack...

7.2

CVE-2023-20164

  • EPSS 0.35%
  • Published 18.05.2023 03:15:10
  • Last modified 21.11.2024 07:40:43

Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an attack...