CVE-2015-4182

2015-06-1214:59:04

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

5.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:P/A:N

AI Score

Confidence

Low

EPSS

0.001

Percentile

49.2%

JSON

The administrative web interface in Cisco Identity Services Engine (ISE) before 1.3 allows remote authenticated users to bypass intended access restrictions, and obtain sensitive information or change settings, via unspecified vectors, aka Bug ID CSCui72087.

Affected configurations

Nvd

Node

ciscoidentity_services_engine_softwareMatch1.0.4.573

ciscoidentity_services_engine_softwareMatch1.0_base

ciscoidentity_services_engine_softwareMatch1.1

ciscoidentity_services_engine_softwareMatch1.2

ciscoidentity_services_engine_softwareMatch1.2\(0.747\)

ciscoidentity_services_engine_softwareMatch1.2\(0.899\)

ciscoidentity_services_engine_softwareMatch1.2\(1.901\)

ciscoidentity_services_engine_softwareMatch1.3

ciscoidentity_services_engine_softwareMatch1.4

VendorProductVersionCPE
ciscoidentity_services_engine_software1.0.4.573cpe:2.3:a:cisco:identity_services_engine_software:1.0.4.573:*:*:*:*:*:*:*
ciscoidentity_services_engine_software1.0_basecpe:2.3:a:cisco:identity_services_engine_software:1.0_base:*:*:*:*:*:*:*
ciscoidentity_services_engine_software1.1cpe:2.3:a:cisco:identity_services_engine_software:1.1:*:*:*:*:*:*:*
ciscoidentity_services_engine_software1.2cpe:2.3:a:cisco:identity_services_engine_software:1.2:*:*:*:*:*:*:*
ciscoidentity_services_engine_software1.2(0.747)cpe:2.3:a:cisco:identity_services_engine_software:1.2\(0.747\):*:*:*:*:*:*:*
ciscoidentity_services_engine_software1.2(0.899)cpe:2.3:a:cisco:identity_services_engine_software:1.2\(0.899\):*:*:*:*:*:*:*
ciscoidentity_services_engine_software1.2(1.901)cpe:2.3:a:cisco:identity_services_engine_software:1.2\(1.901\):*:*:*:*:*:*:*
ciscoidentity_services_engine_software1.3cpe:2.3:a:cisco:identity_services_engine_software:1.3:*:*:*:*:*:*:*
ciscoidentity_services_engine_software1.4cpe:2.3:a:cisco:identity_services_engine_software:1.4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	identity_services_engine_software	1.0.4.573	cpe:2.3:a:cisco:identity_services_engine_software:1.0.4.573:::::::*
cisco	identity_services_engine_software	1.0_base	cpe:2.3:a:cisco:identity_services_engine_software:1.0_base:::::::*
cisco	identity_services_engine_software	1.1	cpe:2.3:a:cisco:identity_services_engine_software:1.1:::::::*
cisco	identity_services_engine_software	1.2	cpe:2.3:a:cisco:identity_services_engine_software:1.2:::::::*
cisco	identity_services_engine_software	1.2(0.747)	cpe:2.3:a:cisco:identity_services_engine_software:1.2\(0.747\):::::::*
cisco	identity_services_engine_software	1.2(0.899)	cpe:2.3:a:cisco:identity_services_engine_software:1.2\(0.899\):::::::*
cisco	identity_services_engine_software	1.2(1.901)	cpe:2.3:a:cisco:identity_services_engine_software:1.2\(1.901\):::::::*
cisco	identity_services_engine_software	1.3	cpe:2.3:a:cisco:identity_services_engine_software:1.3:::::::*
cisco	identity_services_engine_software	1.4	cpe:2.3:a:cisco:identity_services_engine_software:1.4:::::::*