Executive Summary
| Summary | |
|---|---|
| Title | Cisco Identity Services Engine Unauthorized Access Vulnerability |
| Informations | |||
|---|---|---|---|
| Name | cisco-sa-20160113-ise | First vendor Publication | 2016-01-13 |
| Vendor | Cisco | Last vendor Modification | 2016-01-13 |
| Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 10 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| A vulnerability in the Admin portal of devices running Cisco Identity Services Engine (ISE) software could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device. An attacker who can connect to the Admin portal of an affected device could potentially exploit this vulnerability. A successful exploit may result in a complete compromise of the affected device. Customers are advised to apply a patch or upgrade to a version of Cisco ISE software that resolves this vulnerability. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-ise BEGIN PGP SIGNATURE Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJWlny2AAoJEIpI1I6i1Mx3eEcQAIRqkvk1kK4y5bDKzv0T5Gqu kBIqY0e4nyGdj6p3K7+o4TEv388pGrlwlPT9TUnyvreHJ/MQ2h+5q+ekowYrDUEB mapfb8gU3x28NXKZJQNK2m6SEKroTFT/vhzalMUZNJz8XLHYR+10XC4T7TXfHs77 qAj1BC3NaKMzUO3kVxvG65qgo5i9sdD4yBPmPvVzk4s4WPh2yhc7eFO/qeoayIyV EXpI6YaegO5mArV9qhqTpz+/uoaDhQ7FP+ZaNuV0qylcgkZAjFS7sw6PtfLKiUMH BUGccr4FI8nGB5DR3xZhOWbXpWrcOUSzkpjwC1Ip1zkK8ievBXgG3EiZbmbEZgVN R3XXy4c1gTE+WiDEGBAeeU++HPr3R8/ZYsKueam6cmRXziLQj2o1L3nTu6XCdqI2 Qi4RcgC3pHJwjVSjM7NJcdGUmEabmvf5v0Hm8lXSyklHcNHXi3oAZgJJ4fQAeuIY MiwJvZCiZ8rlf8V6n1RWa6z5KPiHNxhyAMWdCi5ObkjIHx/Bc9SchvGO8EvLY30e 5CJcIqmNmbs0O+WrdZPdpcz+yHHK2j5l0M/Zs8+h4+jJdiINeV/KpKQkfv+Y0wsg MiBk88gLpyCWXPHcpSx4pObmuMj/uAJs/J1e+LMhc6WDQ9hjUV6Gu5jgDdc9arPD VFOybhYGwVeOBSRVwndo =HUXg END PGP SIGNATURE _______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com |
Original Source
| Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...) |
CPE : Common Platform Enumeration
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2016-03-14 | Cisco Identity Services Engine default password authentication attempt RuleID : 37358 - Revision : 1 - Type : SERVER-WEBAPP |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2017-03-01 | Name : An identity and access control policy management application running on the r... File : cisco-sa-20160113-ise.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2017-03-02 13:24:50 |
|
| 2016-02-11 08:49:06 |
|
| 2016-02-11 05:29:00 |
|
| 2016-02-11 00:29:19 |
|
| 2016-02-10 21:29:25 |
|
| 2016-02-10 17:29:05 |
|
| 2016-02-10 13:27:58 |
|
| 2016-02-10 09:29:01 |
|
| 2016-02-10 05:29:16 |
|
| 2016-02-10 00:29:16 |
|
| 2016-02-09 21:30:16 |
|
| 2016-02-09 17:30:24 |
|
| 2016-02-09 13:31:22 |
|
| 2016-01-13 21:23:55 |
|
