Cisco

Identity Services Engine

146 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.7

CVE-2023-20023

  • EPSS 0.06%
  • Veröffentlicht 05.04.2023 16:15:07
  • Zuletzt bearbeitet 21.11.2024 07:40:22

Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit the...

6

CVE-2023-20030

  • EPSS 0.19%
  • Veröffentlicht 05.04.2023 16:15:07
  • Zuletzt bearbeitet 21.11.2024 07:40:23

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to access sensitive information, conduct a server-side request forgery (SSRF) attack through an affected devic...

6.7

CVE-2023-20021

  • EPSS 0.06%
  • Veröffentlicht 05.04.2023 15:15:06
  • Zuletzt bearbeitet 21.11.2024 07:40:22

Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit the...

6.1

CVE-2023-20085

  • EPSS 0.16%
  • Veröffentlicht 01.03.2023 08:15:12
  • Zuletzt bearbeitet 21.11.2024 07:40:31

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an af...

5.4

CVE-2022-20965

  • EPSS 0.02%
  • Veröffentlicht 20.01.2023 07:15:11
  • Zuletzt bearbeitet 21.11.2024 06:43:55

A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to take privileges actions within the web-based management interface. This vulnerability is due to improper acces...

5.4

CVE-2022-20966

  • EPSS 3.87%
  • Veröffentlicht 20.01.2023 07:15:11
  • Zuletzt bearbeitet 21.11.2024 06:43:56

A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to conduct cross-site scripting attacks against other users of the application web-based management interface. Th...

5.4

CVE-2022-20967

  • EPSS 0.07%
  • Veröffentlicht 20.01.2023 07:15:11
  • Zuletzt bearbeitet 21.11.2024 06:43:56

A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to conduct cross-site scripting attacks against other users of the application web-based management interface. Th...

8.8

CVE-2022-20964

  • EPSS 4.95%
  • Veröffentlicht 20.01.2023 07:15:10
  • Zuletzt bearbeitet 21.11.2024 06:43:55

A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to inject arbitrary commands on the underlying operating system. This vulnerability is due to improper validation...

5.3

CVE-2022-20937

  • EPSS 0.4%
  • Veröffentlicht 04.11.2022 18:15:11
  • Zuletzt bearbeitet 21.11.2024 06:43:51

A vulnerability in a feature that monitors RADIUS requests on Cisco Identity Services Engine (ISE) Software could allow an unauthenticated, remote attacker to negatively affect the performance of an affected device. This vulnerability is due to in...

8.8

CVE-2022-20956

  • EPSS 0.08%
  • Veröffentlicht 04.11.2022 18:15:11
  • Zuletzt bearbeitet 21.11.2024 06:43:54

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to bypass authorization and access system files. This vulnerability is due to improper access control in th...