Vulnerabilities > Cisco > Identity Services Engine > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-06-15 | CVE-2022-20819 | Improper Privilege Management vulnerability in Cisco Identity Services Engine A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information from an affected device. | 6.5 |
2022-04-06 | CVE-2022-20782 | Improper Privilege Management vulnerability in Cisco Identity Services Engine A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information from an affected device. | 6.5 |
2021-10-21 | CVE-2021-34738 | Cross-site Scripting vulnerability in Cisco Identity Services Engine Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. | 6.1 |
2021-10-21 | CVE-2021-40121 | Cross-site Scripting vulnerability in Cisco Identity Services Engine Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. | 4.8 |
2021-10-21 | CVE-2021-40123 | Incorrect Default Permissions vulnerability in Cisco Identity Services Engine A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative read-only privileges to download files that should be restricted. | 6.5 |
2021-10-06 | CVE-2021-34702 | Unspecified vulnerability in Cisco Identity Services Engine A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information. | 4.3 |
2021-10-06 | CVE-2021-34706 | XXE vulnerability in Cisco Identity Services Engine A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to access sensitive information or conduct a server-side request forgery (SSRF) attack through an affected device. | 5.4 |
2021-09-02 | CVE-2021-34759 | Cross-site Scripting vulnerability in Cisco Identity Services Engine A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting (XSS) attack against a user of the interface. | 4.8 |
2021-07-08 | CVE-2021-1603 | Cross-site Scripting vulnerability in Cisco Identity Services Engine Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user. | 4.8 |
2021-07-08 | CVE-2021-1604 | Cross-site Scripting vulnerability in Cisco Identity Services Engine Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user. | 4.8 |