Cisco Identity_services_engine
21 CVEs affecting Cisco Identity_services_engine. Latest disclosed: 2025-02-05. Critical: 1, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-6747 | Critical | 9.8 | 2017-08-07 | A vulnerability in the authentication module of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to bypass local authentica… |
CVE-2017-12261 | High | 7.8 | 2017-11-02 | A vulnerability in the restricted shell of the Cisco Identity Services Engine (ISE) that is accessible via SSH could allow an authenticated, local attacker to… |
CVE-2017-6653 | High | 7.5 | 2017-05-22 | A vulnerability in the TCP throttling process for the GUI of the Cisco Identity Services Engine (ISE) 2.1(0.474) could allow an unauthenticated, remote attacke… |
CVE-2016-9198 | High | 7.5 | 2016-12-14 | A vulnerability in the Active Directory integration component of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to perfor… |
CVE-2016-1402 | High | 7.5 | 2016-05-21 | The Active Directory (AD) integration component in Cisco Identity Service Engine (ISE) before 1.2.0.899 patch 7, when AD group-membership authorization is enab… |
CVE-2016-6453 | High | 7.3 | 2016-11-03 | A vulnerability in the web framework code of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary SQL comman… |
CVE-2017-6733 | Medium | 6.1 | 2017-07-10 | A vulnerability in the web-based application interface of the Cisco Identity Services Engine (ISE) portal could allow an unauthenticated, remote attacker to co… |
CVE-2017-6701 | Medium | 6.1 | 2017-07-04 | A vulnerability in the web application interface of the Cisco Identity Services Engine (ISE) portal could allow an unauthenticated, remote attacker to conduct… |
CVE-2017-6734 | Medium | 5.4 | 2017-07-10 | A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker to conduct… |
CVE-2017-6605 | Medium | 5.4 | 2017-07-04 | A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a reflec… |
CVE-2025-20205 | Medium | 4.8 | 2025-02-05 | Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct… |
CVE-2025-20204 | Medium | 4.8 | 2025-02-05 | Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct… |
CVE-2014-0680 | | 2014-01-29 | Cross-site scripting (XSS) vulnerability in the HTTP control interface in the NAC Web Agent component in Cisco Identity Services Engine (ISE) allows remote att… | |
CVE-2013-5541 | | 2013-10-16 | Cross-site scripting (XSS) vulnerability in the file-upload interface in Cisco Identity Services Engine (ISE) allows remote authenticated users to inject arbit… | |
CVE-2013-5540 | | 2013-10-16 | The file-upload feature in Cisco Identity Services Engine (ISE) allows remote authenticated users to cause a denial of service (disk consumption and administra… | |
CVE-2013-5539 | | 2013-10-16 | The upload-dialog implementation in Cisco Identity Services Engine (ISE) allows remote authenticated users to upload files with an arbitrary file type, and con… | |
CVE-2013-5538 | | 2013-10-16 | The Sponsor Portal in Cisco Identity Services Engine (ISE) uses weak permissions for uploaded files, which allows remote attackers to read arbitrary files via… | |
CVE-2013-3445 | | 2013-07-29 | The firewall subsystem in Cisco Identity Services Engine has an incorrect rule for open ports, which allows remote attackers to cause a denial of service (CPU… | |
CVE-2013-3420 | | 2013-07-18 | Cross-site request forgery (CSRF) vulnerability in the web framework on the Cisco Identity Services Engine (ISE) allows remote attackers to hijack the authenti… | |
CVE-2012-3908 | | 2012-09-16 | Multiple cross-site request forgery (CSRF) vulnerabilities in the ISE Administrator user interface (aka the Apache Tomcat interface) on Cisco Identity Services… |