Cisco: CISCO-SA-20150106-CVE-2014-8017
Jan 06, 2015 - 9:14 p.m.

Cisco Identity Services Engine Periodic Backup Password Disclosure Vulnerability

2015-01-06 21:14:07
tools.cisco.com
CVSS2: 5
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

EPSS: 0.003
Percentile: 68.4%

A vulnerability in the periodic backup functionality of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to discover the password used to encrypt the backup on the system.

The vulnerability is due to improper processing of certain client requests by the affected software. An attacker could exploit this vulnerability by submitting a crafted request that is designed to trigger the issue in the affected software. If the request is processed, Cisco ISE could generate a reply that contains the backup password. An attacker could use this password to decrypt the backup on the system and disclose sensitive information.

Cisco has confirmed the vulnerability in a security notice and released updated software.

To exploit the vulnerability, the attacker may need access to trusted or internal networks to transmit a crafted request to the targeted system. This access requirement could limit the likelihood of a successful exploit.

Affected configurations

Vendor: cisco
Product: identity_services_engine_software
Version: any
CPE: cpe:2.3:a:cisco:identity_services_engine_software:any:*:*:*:*:*:*:*
