Vulnerabilities > Cisco > Identity Services Engine > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-06 | CVE-2022-20756 | Unspecified vulnerability in Cisco Identity Services Engine A vulnerability in the RADIUS feature of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause the affected system to stop processing RADIUS packets. | 7.5 |
| 2021-10-06 | CVE-2021-1594 | OS Command Injection vulnerability in Cisco Identity Services Engine A vulnerability in the REST API of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to perform a command injection attack and elevate privileges to root. | 8.1 |
| 2020-10-08 | CVE-2020-3467 | Incorrect Authorization vulnerability in Cisco Identity Services Engine A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to modify parts of the configuration on an affected device. | 7.7 |
| 2019-04-17 | CVE-2019-1718 | Unspecified vulnerability in Cisco Identity Services Engine 2.1(0.907) A vulnerability in the web interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to trigger high CPU usage, resulting in a denial of service (DoS) condition. | 7.5 |
| 2019-01-23 | CVE-2018-15459 | Unspecified vulnerability in Cisco Identity Services Engine 2.3(0.298)/2.5(0.1) A vulnerability in the administrative web interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to gain additional privileges on an affected device. | 7.2 |
| 2018-05-17 | CVE-2018-0277 | Improper Certificate Validation vulnerability in Cisco Identity Services Engine A vulnerability in the Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) certificate validation during EAP authentication for the Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause the ISE application server to restart unexpectedly, causing a denial of service (DoS) condition on an affected system. | 8.6 |
| 2018-03-08 | CVE-2018-0213 | Improper Input Validation vulnerability in Cisco Identity Services Engine 2.1(0.904) A vulnerability in the credential reset functionality for Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to gain elevated privileges. | 8.8 |
| 2017-11-02 | CVE-2017-12261 | Incorrect Authorization vulnerability in Cisco products A vulnerability in the restricted shell of the Cisco Identity Services Engine (ISE) that is accessible via SSH could allow an authenticated, local attacker to run arbitrary CLI commands with elevated privileges. | 7.8 |
| 2017-05-22 | CVE-2017-6653 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco Identity Services Engine 2.1(0.474) A vulnerability in the TCP throttling process for the GUI of the Cisco Identity Services Engine (ISE) 2.1(0.474) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device where the ISE GUI may fail to respond to new or established connection requests. | 7.5 |
| 2016-12-14 | CVE-2016-9198 | Resource Management Errors vulnerability in Cisco Identity Services Engine 1.2(1.199) A vulnerability in the Active Directory integration component of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to perform a denial of service (DoS) attack. | 7.5 |