Lucene search
CiscoCVE-2015-6323HistoryJan 15, 2016 - 3:59 a.m.
CVE-2015-6323
2016-01-1503:59:06
cisco
web.nvd.nist.gov
39
cisco
ise
admin portal
remote access
cve-2015-6323
security vulnerability
nvd
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.3
Confidence
High
EPSS
0.004
Percentile
73.6%
The Admin portal in Cisco Identity Services Engine (ISE) 1.1.x, 1.2.0 before patch 17, 1.2.1 before patch 8, 1.3 before patch 5, and 1.4 before patch 4 allows remote attackers to obtain administrative access via unspecified vectors, aka Bug ID CSCuw34253.
Affected configurations
Node
ciscoidentity_services_engine_softwareMatch1.1.1
ORciscoidentity_services_engine_softwareMatch1.1.1p1
ORciscoidentity_services_engine_softwareMatch1.1.1p2
ORciscoidentity_services_engine_softwareMatch1.1.1p3
ORciscoidentity_services_engine_softwareMatch1.1.1p4
ORciscoidentity_services_engine_softwareMatch1.1.1p5
ORciscoidentity_services_engine_softwareMatch1.1.1p6
ORciscoidentity_services_engine_softwareMatch1.1.2
ORciscoidentity_services_engine_softwareMatch1.1.2p1
ORciscoidentity_services_engine_softwareMatch1.1.2p2
ORciscoidentity_services_engine_softwareMatch1.1.2p3
ORciscoidentity_services_engine_softwareMatch1.1.2p4
ORciscoidentity_services_engine_softwareMatch1.1.2p5
ORciscoidentity_services_engine_softwareMatch1.1.2p6
ORciscoidentity_services_engine_softwareMatch1.1.2p7
ORciscoidentity_services_engine_softwareMatch1.1.2p8
ORciscoidentity_services_engine_softwareMatch1.1.2p9
ORciscoidentity_services_engine_softwareMatch1.1.3
ORciscoidentity_services_engine_softwareMatch1.1.3p1
ORciscoidentity_services_engine_softwareMatch1.1.3p2
ORciscoidentity_services_engine_softwareMatch1.1.3p3
ORciscoidentity_services_engine_softwareMatch1.1.3p4
ORciscoidentity_services_engine_softwareMatch1.1.3p5
ORciscoidentity_services_engine_softwareMatch1.1.3p6
ORciscoidentity_services_engine_softwareMatch1.1.3p7
ORciscoidentity_services_engine_softwareMatch1.1.4
ORciscoidentity_services_engine_softwareMatch1.1.4p1
ORciscoidentity_services_engine_softwareMatch1.1.4p2
ORciscoidentity_services_engine_softwareMatch1.1.4p3
ORciscoidentity_services_engine_softwareMatch1.1.4p4
ORciscoidentity_services_engine_softwareMatch1.1.4p5
ORciscoidentity_services_engine_softwareMatch1.1.4p6
ORciscoidentity_services_engine_softwareMatch1.1.4p7
ORciscoidentity_services_engine_softwareMatch1.1_base
ORciscoidentity_services_engine_softwareMatch1.2\(0.747\)
ORciscoidentity_services_engine_softwareMatch1.2\(0.793\)
ORciscoidentity_services_engine_softwareMatch1.2\(1.198\)
ORciscoidentity_services_engine_softwareMatch1.2\(1.901\)
ORciscoidentity_services_engine_softwareMatch1.2.0.899p14
ORciscoidentity_services_engine_softwareMatch1.2.1
ORciscoidentity_services_engine_softwareMatch1.2.1p1
ORciscoidentity_services_engine_softwareMatch1.2.1p2
ORciscoidentity_services_engine_softwareMatch1.2_base
ORciscoidentity_services_engine_softwareMatch1.3\(0.722\)
ORciscoidentity_services_engine_softwareMatch1.3\(0.876\)
ORciscoidentity_services_engine_softwareMatch1.3\(106.146\)
ORciscoidentity_services_engine_softwareMatch1.3\(120.135\)
ORciscoidentity_services_engine_softwareMatch1.4\(0.109\)
ORciscoidentity_services_engine_softwareMatch1.4\(0.181\)
ORciscoidentity_services_engine_softwareMatch1.4\(0.253\)
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | identity_services_engine_software | 1.1.1 | cpe:2.3:a:cisco:identity_services_engine_software:1.1.1:*:*:*:*:*:*:* |
| cisco | identity_services_engine_software | 1.1.1 | cpe:2.3:a:cisco:identity_services_engine_software:1.1.1:p1:*:*:*:*:*:* |
| cisco | identity_services_engine_software | 1.1.1 | cpe:2.3:a:cisco:identity_services_engine_software:1.1.1:p2:*:*:*:*:*:* |
| cisco | identity_services_engine_software | 1.1.1 | cpe:2.3:a:cisco:identity_services_engine_software:1.1.1:p3:*:*:*:*:*:* |
| cisco | identity_services_engine_software | 1.1.1 | cpe:2.3:a:cisco:identity_services_engine_software:1.1.1:p4:*:*:*:*:*:* |
| cisco | identity_services_engine_software | 1.1.1 | cpe:2.3:a:cisco:identity_services_engine_software:1.1.1:p5:*:*:*:*:*:* |
| cisco | identity_services_engine_software | 1.1.1 | cpe:2.3:a:cisco:identity_services_engine_software:1.1.1:p6:*:*:*:*:*:* |
| cisco | identity_services_engine_software | 1.1.2 | cpe:2.3:a:cisco:identity_services_engine_software:1.1.2:*:*:*:*:*:*:* |
| cisco | identity_services_engine_software | 1.1.2 | cpe:2.3:a:cisco:identity_services_engine_software:1.1.2:p1:*:*:*:*:*:* |
| cisco | identity_services_engine_software | 1.1.2 | cpe:2.3:a:cisco:identity_services_engine_software:1.1.2:p2:*:*:*:*:*:* |
Related
cisco
cisco
Cisco Identity Services Engine Unauthorized Access Vulnerability
2016-01-13 16:00:00
cvelist
cvelist
CVE-2015-6323
2016-01-15 02:00:00
openvas
openvas
Cisco Identity Services Engine Unauthorized Access Vulnerability
2016-01-14 00:00:00
nvd
nvd
CVE-2015-6323
2016-01-15 03:59:06
nessus
nessus
Cisco Identify Services Engine (ISE) Admin Portal Unauthorized Access
2017-03-01 00:00:00
prion
prion
Code injection
2016-01-15 03:59:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.3
Confidence
High
EPSS
0.004
Percentile
73.6%
Related for CVE-2015-6323