QID 317275

Date Published: 2022-11-21

QID 317275: Cisco Identity Services Engine (ISE) Insufficient Access Control Vulnerability (cisco-sa-ise-access-contol-EeufSUCx)

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to bypass authorization and access system files.

Affected Products
The following Cisco ISE versions are vulnerable:
Cisco ISE 3.1
Cisco ISE 3.2
Note: Cisco ISE releases 3.1P4 and 3.2 reduce the impact of this vulnerability by preventing files from being downloaded. The files can still be listed and deleted. This fix is tracked in CSCwb75965.

Note: Cisco ISE releases 3.1P4 and 3.2P1 further reduce the impact of this vulnerability by limiting the accessible files to the localdisk folder only. For more information about the localdisk folder, see the ISE 3.1 Release Notes. This fix is tracked in CSCwc62413.

Note: Patch information for versions 3.1 and 3.2 will be updated once the vendor publishes it.

QID Detection Logic (Authenticated):
The check matches the Cisco ISE version and patch level (ise_patch) retrieved via Unix authentication using the "show version" command.

A successful exploit could allow the attacker to list, download, and delete certain files that they should not have access to.
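As an added illustration of the detection logic above (not Qualys' or Cisco's own code), the following parses the release and patch level out of "show version" output and maps them to the exposure states described in the notes. The sample output is constructed, and its layout (an "Identity Services Engine" block and an optional "Patch" block, each with a "Version :" line) is an assumption about the command's format.

```python
import re

# Constructed sample of Cisco ISE "show version" output; the layout is an
# assumption for this example, not a capture from a real device.
SAMPLE_SHOW_VERSION = """\
Cisco Application Deployment Engine OS Release: 3.1
ADE-OS Build Version: 3.1.0.518

Version information of installed applications
---------------------------------------------

Cisco Identity Services Engine
---------------------------------------------
Version      : 3.1.0.518
Install Date : Mon Nov 21 09:00:00 2022

Cisco Identity Services Engine Patch
---------------------------------------------
Version      : 4
Install Date : Mon Nov 21 10:00:00 2022
"""

def parse_show_version(text):
    """Return (release, patch) such as ("3.1", 4); patch is 0 when no patch block exists."""
    app = re.search(r"Cisco Identity Services Engine\n-+\nVersion\s*:\s*(\d+)\.(\d+)", text)
    if not app:
        raise ValueError("ISE application version not found")
    release = f"{app.group(1)}.{app.group(2)}"
    patch = re.search(r"Cisco Identity Services Engine Patch\n-+\nVersion\s*:\s*(\d+)", text)
    return release, (int(patch.group(1)) if patch else 0)

def assess(release, patch):
    """Map (release, patch) to the exposure states the advisory notes describe."""
    if release not in ("3.1", "3.2"):
        return "not affected"
    # 3.1P4 / 3.2P1: accessible files limited to the localdisk folder (CSCwc62413)
    if (release == "3.1" and patch >= 4) or (release == "3.2" and patch >= 1):
        return "vulnerable, mitigated: download blocked, limited to localdisk"
    # 3.2 without a patch: download prevented, files still listable/deletable (CSCwb75965)
    if release == "3.2":
        return "vulnerable, partially mitigated: download blocked"
    return "vulnerable"
```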

  • CVSS V3 rated as Critical - 8.8 severity.
  • CVSS V2 rated as High - 7.5 severity.

Solution
Customers are advised to refer to cisco-sa-ise-access-contol-EeufSUCx for more information.

CVEs related to QID 317275

Software Advisories
Advisory ID: cisco-sa-ise-access-contol-EeufSUCx
Link: tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-access-contol-EeufSUCx