Vulnerabilities > Cisco > Identity Services Engine Software > 1.0.4.573

DATE CVE VULNERABILITY TITLE RISK
2019-10-16 CVE-2019-15282 Missing Authentication for Critical Function vulnerability in Cisco Identity Services Engine Software
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an unauthenticated, remote attacker read tcpdump files generated on an affected device.
network
low complexity
cisco CWE-306
5.3
2019-10-16 CVE-2019-15281 Cross-site Scripting vulnerability in Cisco Identity Services Engine Software
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.
network
low complexity
cisco CWE-79
4.8
2016-01-23 CVE-2015-6317 Improper Access Control vulnerability in Cisco Identity Services Engine Software
Cisco Identity Services Engine (ISE) before 2.0 allows remote authenticated users to bypass intended web-resource access restrictions via a direct request, aka Bug ID CSCuu45926.
network
low complexity
cisco CWE-284
6.5