Cisco

Identity Services Engine

146 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2022-20961

  • EPSS 0.64%
  • Veröffentlicht 04.11.2022 18:15:11
  • Zuletzt bearbeitet 21.11.2024 06:43:55

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. ...

8.8

CVE-2022-20962

  • EPSS 0.1%
  • Veröffentlicht 04.11.2022 18:15:11
  • Zuletzt bearbeitet 21.11.2024 06:43:55

A vulnerability in the Localdisk Management feature of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to make unauthorized changes to the file system of an affected device. This vulnerability is due to insuffici...

5.4

CVE-2022-20963

  • EPSS 0.15%
  • Veröffentlicht 04.11.2022 18:15:11
  • Zuletzt bearbeitet 21.11.2024 06:43:55

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affe...

5.4

CVE-2022-20959

  • EPSS 0.23%
  • Veröffentlicht 26.10.2022 15:15:15
  • Zuletzt bearbeitet 21.11.2024 06:43:55

A vulnerability in the External RESTful Services (ERS) API of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected de...

8.1

CVE-2022-20822

  • EPSS 0.26%
  • Veröffentlicht 26.10.2022 15:15:14
  • Zuletzt bearbeitet 21.11.2024 06:43:37

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to read and delete files on an affected device. This vulnerability is due to insufficient validation of user-s...

4.9

CVE-2022-20914

  • EPSS 0.16%
  • Veröffentlicht 10.08.2022 09:15:08
  • Zuletzt bearbeitet 21.11.2024 06:43:48

A vulnerability in the External RESTful Services (ERS) API of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker to obtain sensitive information. This vulnerability is due to excessive verbosity in a specific ...

6.5

CVE-2022-20819

  • EPSS 0.17%
  • Veröffentlicht 15.06.2022 18:15:09
  • Zuletzt bearbeitet 21.11.2024 06:43:37

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information from an affected device. This vulnerability exists because administrative priv...

9.8

CVE-2022-20733

  • EPSS 0.52%
  • Veröffentlicht 15.06.2022 18:15:08
  • Zuletzt bearbeitet 21.11.2024 06:43:26

A vulnerability in the login page of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to log in without credentials and access all roles without any restrictions. This vulnerability is due to exposed sensitive Secu...

7.5

CVE-2022-20756

  • EPSS 1.13%
  • Veröffentlicht 06.04.2022 19:15:08
  • Zuletzt bearbeitet 21.11.2024 06:43:29

A vulnerability in the RADIUS feature of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause the affected system to stop processing RADIUS packets. This vulnerability is due to improper handling of certain RA...

6.5

CVE-2022-20782

  • EPSS 0.17%
  • Veröffentlicht 06.04.2022 19:15:08
  • Zuletzt bearbeitet 21.11.2024 06:43:32

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information from an affected device. This vulnerability is due to improper enforcement of ...