Описание
The Sponsor Portal in Cisco Identity Services Engine (ISE) uses weak permissions for uploaded files, which allows remote attackers to read arbitrary files via a direct request, aka Bug ID CSCui67506.
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:a:cisco:identity_services_engine_software:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:identity_services_engine:-:*:*:*:*:*:*:*
EPSS
Процентиль: 41%
0.0019
Низкий
5 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
больше 3 лет назад
The Sponsor Portal in Cisco Identity Services Engine (ISE) uses weak permissions for uploaded files, which allows remote attackers to read arbitrary files via a direct request, aka Bug ID CSCui67506.
EPSS
Процентиль: 41%
0.0019
Низкий
5 Medium
CVSS2
Дефекты
CWE-264