Vendor: Cisco
Advisory ID: CISCO-SA-20131023-CVE-2013-5531
Published: Oct 23, 2013 - 4:35 p.m.

Cisco ISE Support Information Download Authentication Bypass Vulnerability

Source: tools.cisco.com

CVSS2 score: 5
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

EPSS: 0.002
Percentile: 58.9%

A vulnerability in the implementation of the authentication code that is used to validate requests to download a product support bundle could allow an unauthenticated, remote attacker to download a full product support bundle.

The vulnerability is due to an error in the logic that is used to validate support bundle access requests. An attacker could exploit this vulnerability by sending a crafted request to the vulnerable system. An exploit could allow an attacker to obtain a full copy of the product configuration or other sensitive information including administrative credentials.

Cisco confirmed the vulnerability in a security advisory and released software updates.

A successful exploit could allow an attacker to gain access to information in support packages stored on the targeted system. The file contents may include authentication credentials that could allow the attacker to conduct further exploits against the targeted system or other related systems.

Affected configurations

Vendor: cisco
Product: identity_services_engine_software
Version: any
CPE: cpe:2.3:a:cisco:identity_services_engine_software:any:*:*:*:*:*:*:*
