CVEs (165)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Cisco 2Identity Services Engine Identity Services Engine SoftwareApr 29, 2026 Oct 16, 2013 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The Sponsor Portal in Cisco Identity Services Engine (ISE) uses weak permissions for uploaded files, which allows remote attackers to read arbitrary files via a direct request, aka Bug ID CSCui67506. |
The firewall subsystem in Cisco Identity Services Engine has an incorrect rule for open ports, which allows remote attackers to cause a denial of service (CPU consumption or process crash) via a flood of malformed IP pac...Show more |
1Cisco 2Identity Services Engine Identity Services Engine SoftwareApr 29, 2026 Jul 18, 2013 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Cross-site request forgery (CSRF) vulnerability in the web framework on the Cisco Identity Services Engine (ISE) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuh25506. |
1Cisco 2Identity Services Engine Identity Services Engine SoftwareApr 29, 2026 Sep 16, 2012 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Multiple cross-site request forgery (CSRF) vulnerabilities in the ISE Administrator user interface (aka the Apache Tomcat interface) on Cisco Identity Services Engine (ISE) 3300 series appliances before 1.1.0.665 Cumulat...Show more |
1Cisco 2Identity Services Engine Identity Services Engine SoftwareApr 29, 2026 Sep 21, 2011 N/A· v4 N/A· v3 10.0 HIGH· v2 Cisco Identity Services Engine (ISE) before 1.0.4.MR2 has default Oracle database credentials, which allows remote attackers to modify settings or perform unspecified other administrative actions via unknown vectors, aka...Show more |