VYPR

Identity Services Engine Software

by Cisco Systems, Inc.

CVEs (215)

  • CVE-2023-20106May 18, 2023
    risk 0.00cvss epss 0.00

    Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to delete or read arbitrary files on the underlying operating system. To exploit these vulnerabilities, an attacker must have valid credentials on an affected device. For more…

  • CVE-2023-20171May 18, 2023
    risk 0.00cvss epss 0.00

    Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to delete or read arbitrary files on the underlying operating system. To exploit these vulnerabilities, an attacker must have valid credentials on an affected device. For more…

  • CVE-2023-20167May 18, 2023
    risk 0.00cvss epss 0.00

    Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform path traversal attacks on the underlying operating system to either elevate privileges to root or read arbitrary files. To exploit these vulnerabilities, an attacker…

  • CVE-2023-20164May 18, 2023
    risk 0.00cvss epss 0.01

    Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an attacker must have valid…

  • CVE-2023-20174May 18, 2023
    risk 0.00cvss epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to read arbitrary files or conduct a server-side request forgery (SSRF) attack through an affected device. To exploit these…

  • CVE-2023-20163May 18, 2023
    risk 0.00cvss epss 0.01

    Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an attacker must have valid…

  • CVE-2023-20077May 18, 2023
    risk 0.00cvss epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to download arbitrary files from the filesystem of an affected device. These vulnerabilities are due to insufficient input…

  • CVE-2023-20087May 18, 2023
    risk 0.00cvss epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to download arbitrary files from the filesystem of an affected device. These vulnerabilities are due to insufficient input…

  • CVE-2023-20152Apr 5, 2023
    risk 0.00cvss epss 0.00

    Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an…

  • CVE-2023-20121Apr 5, 2023
    risk 0.00cvss epss 0.00

    Multiple vulnerabilities in the restricted shell of Cisco Evolved Programmable Network Manager (EPNM), Cisco Identity Services Engine (ISE), and Cisco Prime Infrastructure could allow an authenticated, local attacker to escape the restricted shell and gain root privileges on the…

  • CVE-2023-20023Apr 5, 2023
    risk 0.00cvss epss 0.00

    Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an…

  • CVE-2023-20021Apr 5, 2023
    risk 0.00cvss epss 0.00

    Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an…

  • CVE-2023-20153Apr 5, 2023
    risk 0.00cvss epss 0.00

    Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an…

  • CVE-2023-20122Apr 5, 2023
    risk 0.00cvss epss 0.00

    Multiple vulnerabilities in the restricted shell of Cisco Evolved Programmable Network Manager (EPNM), Cisco Identity Services Engine (ISE), and Cisco Prime Infrastructure could allow an authenticated, local attacker to escape the restricted shell and gain root privileges on the…

  • CVE-2023-20022Apr 5, 2023
    risk 0.00cvss epss 0.00

    Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an…

  • CVE-2023-20030Apr 5, 2023
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to access sensitive information, conduct a server-side request forgery (SSRF) attack through an affected device, or negatively impact the…

  • CVE-2023-20085Feb 16, 2023
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. This…

  • CVE-2022-20967Jan 18, 2023
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to conduct cross-site scripting attacks against other users of the application web-based management interface. This vulnerability is due to…

  • CVE-2022-20964Jan 18, 2023
    risk 0.00cvss epss 0.31

    A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to inject arbitrary commands on the underlying operating system. This vulnerability is due to improper validation of user input within…

  • CVE-2022-20966Jan 18, 2023
    risk 0.00cvss epss 0.28

    A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to conduct cross-site scripting attacks against other users of the application web-based management interface. This vulnerability is due to…

Page 6 of 11