Vulnerabilities > Cisco > Identity Services Engine Software > 2.4.0.223
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-16 | CVE-2019-15282 | Missing Authentication for Critical Function vulnerability in Cisco Identity Services Engine Software A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an unauthenticated, remote attacker read tcpdump files generated on an affected device. | 5.0 |
| 2019-10-16 | CVE-2019-15281 | Cross-site Scripting vulnerability in Cisco Identity Services Engine Software A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 3.5 |
| 2018-05-17 | CVE-2018-0289 | Cross-site Scripting vulnerability in Cisco Identity Services Engine Software 2.3(0.298)/2.4(0.223) A vulnerability in the logs component of Cisco Identity Services Engine could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. | 4.3 |