Vulnerabilities > Cisco > Identity Services Engine Software > 1.4

DATE	CVE	VULNERABILITY TITLE	RISK
2019-10-16	CVE-2019-15282	Missing Authentication for Critical Function vulnerability in Cisco Identity Services Engine Software A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an unauthenticated, remote attacker read tcpdump files generated on an affected device. network low complexity cisco CWE-306	5.0
2019-10-16	CVE-2019-15281	Cross-site Scripting vulnerability in Cisco Identity Services Engine Software A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. network cisco CWE-79	3.5
2015-06-12	CVE-2015-4182	Permissions, Privileges, and Access Controls vulnerability in Cisco Identity Services Engine Software The administrative web interface in Cisco Identity Services Engine (ISE) before 1.3 allows remote authenticated users to bypass intended access restrictions, and obtain sensitive information or change settings, via unspecified vectors, aka Bug ID CSCui72087. network low complexity cisco CWE-264	5.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.