Vulnerabilities > CVE-2023-20106 - Unspecified vulnerability in Cisco Identity Services Engine 3.1/3.2

CVSS 3.8 - LOW

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

cisco

NVD

Published: 2023-05-18

Updated: 2023-11-07

Summary

Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to delete or read arbitrary files on the underlying operating system. To exploit these vulnerabilities, an attacker must have valid credentials on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Vulnerable Configurations

Part	Description	Count
Application	Cisco Cisco Identity Services Engine 3.1 Cisco Identity Services Engine 3.2	7

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-file-delete-read-PK5ghDDd