Vulnerabilities > Cisco > Identity Services Engine > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-02 | CVE-2017-12261 | Incorrect Authorization vulnerability in Cisco products A vulnerability in the restricted shell of the Cisco Identity Services Engine (ISE) that is accessible via SSH could allow an authenticated, local attacker to run arbitrary CLI commands with elevated privileges. | 7.8 |
| 2017-05-22 | CVE-2017-6653 | Allocation of Resources Without Limits or Throttling vulnerability in Cisco Identity Services Engine 2.1(0.474) A vulnerability in the TCP throttling process for the GUI of the Cisco Identity Services Engine (ISE) 2.1(0.474) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device where the ISE GUI may fail to respond to new or established connection requests. | 7.5 |
| 2016-12-14 | CVE-2016-9198 | Resource Management Errors vulnerability in Cisco Identity Services Engine 1.2(1.199) A vulnerability in the Active Directory integration component of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to perform a denial of service (DoS) attack. | 7.5 |
| 2016-11-03 | CVE-2016-6453 | SQL Injection vulnerability in Cisco Identity Services Engine 1.3(0.876) A vulnerability in the web framework code of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary SQL commands on the database. | 7.3 |