Vulnerabilities > Cisco > Identity Services Engine > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-15 | CVE-2022-20733 | Unspecified vulnerability in Cisco Identity Services Engine 3.1 A vulnerability in the login page of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to log in without credentials and access all roles without any restrictions. | 9.8 |
| 2021-12-10 | CVE-2021-44228 | Deserialization of Untrusted Data vulnerability in multiple products Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. network low complexity apache siemens intel debian fedoraproject sonicwall netapp cisco snowsoftware bentley percussion apple CWE-502 critical | 10.0 |
| 2011-09-21 | CVE-2011-3290 | Credentials Management vulnerability in Cisco products Cisco Identity Services Engine (ISE) before 1.0.4.MR2 has default Oracle database credentials, which allows remote attackers to modify settings or perform unspecified other administrative actions via unknown vectors, aka Bug ID CSCts59135. | 10.0 |