Vulnerabilities > Cisco > Identity Services Engine

DATE CVE VULNERABILITY TITLE RISK
2020-07-02 CVE-2020-3340 Cross-site Scripting vulnerability in Cisco Identity Services Engine
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting (XSS) attack against a user of the interface.
network
low complexity
cisco CWE-79
4.8
2020-06-03 CVE-2020-3353 Race Condition vulnerability in Cisco Identity Services Engine 2.2.0.470/2.3.0.298/2.4.0.357
A vulnerability in the syslog processing engine of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
high complexity
cisco CWE-362
5.9
2020-03-04 CVE-2020-3157 Cross-site Scripting vulnerability in Cisco Identity Services Engine
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface.
network
low complexity
cisco CWE-79
5.4
2020-02-19 CVE-2020-3156 Cross-site Scripting vulnerability in Cisco Identity Services Engine 2.6.0/2.7
A vulnerability in the logging component of Cisco Identity Services Engine could allow an unauthenticated remote attacker to conduct cross-site scripting attacks.
network
low complexity
cisco CWE-79
6.1
2020-02-05 CVE-2020-3149 Cross-site Scripting vulnerability in Cisco Identity Services Engine
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker to perform a stored cross-site scripting (XSS) attack on an affected device.
network
low complexity
cisco CWE-79
4.8
2020-01-26 CVE-2019-15255 Unspecified vulnerability in Cisco Identity Services Engine 2.2/2.2(0.470)
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to bypass authorization and access sensitive information related to the device.
network
low complexity
cisco
6.5
2019-10-16 CVE-2019-12638 Cross-site Scripting vulnerability in Cisco Identity Services Engine
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web-based management interface.
network
low complexity
cisco CWE-79
5.4
2019-10-16 CVE-2019-12637 Cross-site Scripting vulnerability in Cisco Identity Services Engine
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web-based management interface.
network
low complexity
cisco CWE-79
5.4
2019-10-02 CVE-2019-12631 Cross-site Scripting vulnerability in Cisco Identity Services Engine
A vulnerability in the web-based guest portal of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface.
network
low complexity
cisco CWE-79
6.1
2019-09-05 CVE-2019-12644 Cross-site Scripting vulnerability in Cisco Identity Services Engine
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.
network
low complexity
cisco CWE-79
6.1