Описание
The web framework in Cisco Identity Services Engine (ISE) 1.0 and 1.1.0 before 1.1.0.665-5, 1.1.1 before 1.1.1.268-7, 1.1.2 before 1.1.2.145-10, 1.1.3 before 1.1.3.124-7, 1.1.4 before 1.1.4.218-7, and 1.2 before 1.2.0.899-2 allows remote authenticated users to execute arbitrary commands via a crafted session on TCP port 443, aka Bug ID CSCuh81511.
Ссылки
- Vendor Advisory
- Third Party AdvisoryUS Government Resource
- Vendor Advisory
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:cisco:identity_services_engine_software:1.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_software:1.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_software:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_software:1.1.2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_software:1.1.3:*:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_software:1.1.4:*:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_software:1.2:*:*:*:*:*:*:*
EPSS
Процентиль: 37%
0.00163
Низкий
9 Critical
CVSS2
Дефекты
CWE-78
Связанные уязвимости
github
больше 3 лет назад
The web framework in Cisco Identity Services Engine (ISE) 1.0 and 1.1.0 before 1.1.0.665-5, 1.1.1 before 1.1.1.268-7, 1.1.2 before 1.1.2.145-10, 1.1.3 before 1.1.3.124-7, 1.1.4 before 1.1.4.218-7, and 1.2 before 1.2.0.899-2 allows remote authenticated users to execute arbitrary commands via a crafted session on TCP port 443, aka Bug ID CSCuh81511.
EPSS
Процентиль: 37%
0.00163
Низкий
9 Critical
CVSS2
Дефекты
CWE-78