CVE-2015-4182

The administrative web interface in Cisco Identity Services Engine (ISE) before 1.3 allows remote authenticated users to bypass intended access restrictions, and obtain sensitive information or change settings, via unspecified vectors, aka Bug ID CSCui72087.

Published: Jun 12, 2015
Updated: Apr 13, 2023
CVE: CVE-2015-4182
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5.5
AV:N/AC:L/Au:S/C:P/I:P/A:N

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
cisco / identity_services_engine_software	1.1	1.1.x
cisco / identity_services_engine_software	1.2	1.2.x
cisco / identity_services_engine_software	1.0.4.573	1.0.4.573.x
cisco / identity_services_engine_software	1.2(1.901)	1.2(1.901).x
cisco / identity_services_engine_software	1.4	1.4.x
cisco / identity_services_engine_software	1.2(0.747)	1.2(0.747).x
cisco / identity_services_engine_software	1.2(0.899)	1.2(0.899).x
cisco / identity_services_engine_software	1.0_base	1.0_base.x
cisco / identity_services_engine_software	1.3	1.3.x

Vulnerability Database

289,697

CVE-2015-4182