CVE-2024-20251

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to perform a stored cross-site scripting (XSS) attack against a user of the interface on an affected device. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.

Published: Jan 17, 2024
Updated: Jan 27, 2024
CVE: CVE-2024-20251
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.4
AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

CWEs:

CWE-79

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

Software	From	Fixed in
cisco / identity_services_engine	1.4(0.253)	1.4(0.253).x
cisco / identity_services_engine	2.0(0.169)	2.0(0.169).x
cisco / identity_services_engine	1.3(120.135)	1.3(120.135).x
cisco / identity_services_engine	2.0(0.222)	2.0(0.222).x
cisco / identity_services_engine	2.1(102.101)	2.1(102.101).x
cisco / identity_services_engine	2.1(0.800)	2.1(0.800).x
cisco / identity_services_engine	2.1(0.474)	2.1(0.474).x
cisco / identity_services_engine	1.4(0.181)	1.4(0.181).x
cisco / identity_services_engine	1.4(0.908)	1.4(0.908).x
cisco / identity_services_engine	1.2(1.199)	1.2(1.199).x
cisco / identity_services_engine	2.2(0.283)	2.2(0.283).x
cisco / identity_services_engine	2.0(0.147)	2.0(0.147).x
cisco / identity_services_engine	1.3(106.146)	1.3(106.146).x
cisco / identity_services_engine	1.3(0.876)	1.3(0.876).x
cisco / identity_services_engine	2.3(0.151)	2.3(0.151).x
cisco / identity_services_engine	2.0(1.130)	2.0(1.130).x
cisco / identity_services_engine	1.4(0.109)	1.4(0.109).x
cisco / identity_services_engine	1.3(0.722)	1.3(0.722).x
cisco / identity_services_engine	1.3(0.909)	1.3(0.909).x
cisco / identity_services_engine	1.4	1.4.x
cisco / identity_services_engine	2.0	2.0.x
cisco / identity_services_engine	2.0.1	2.0.1.x
cisco / identity_services_engine	2.0(0.249)	2.0(0.249).x
cisco / identity_services_engine	2.1(0.476)	2.1(0.476).x
cisco / identity_services_engine	2.2(0.471)	2.2(0.471).x
cisco / identity_services_engine	2.3(0.298)	2.3(0.298).x
cisco / identity_services_engine	2.0(0.234)	2.0(0.234).x
cisco / identity_services_engine	2.1(102.103)	2.1(102.103).x
cisco / identity_services_engine	2.1(0.904)	2.1(0.904).x
cisco / identity_services_engine	2.2(0.470)	2.2(0.470).x
cisco / identity_services_engine	2.2(1.145)	2.2(1.145).x
cisco / identity_services_engine	2.4(0.247)	2.4(0.247).x
cisco / identity_services_engine	2.2(0.903)	2.2(0.903).x
cisco / identity_services_engine	2.4(0.192)	2.4(0.192).x
cisco / identity_services_engine	2.0(0.306)	2.0(0.306).x
cisco / identity_services_engine	2.1(0.907)	2.1(0.907).x
cisco / identity_services_engine	2.2(0.909)	2.2(0.909).x
cisco / identity_services_engine	2.3(0.905)	2.3(0.905).x
cisco / identity_services_engine	2.4(0.357)	2.4(0.357).x
cisco / identity_services_engine	2.4(0.904)	2.4(0.904).x
cisco / identity_services_engine	2.4(100.159)	2.4(100.159).x
cisco / identity_services_engine	2.5(0.1)	2.5(0.1).x
cisco / identity_services_engine	2.2(0.910)	2.2(0.910).x
cisco / identity_services_engine	2.4(0.903)	2.4(0.903).x
cisco / identity_services_engine	2.4(0.901)	2.4(0.901).x
cisco / identity_services_engine	2.4(0.901.1)	2.4(0.901.1).x
cisco / identity_services_engine	2.5(0.353)	2.5(0.353).x
cisco / identity_services_engine	2.4(0.902)	2.4(0.902).x
cisco / identity_services_engine	2.5(0.225)	2.5(0.225).x
cisco / identity_services_engine	2.7(0.207)	2.7(0.207).x
cisco / identity_services_engine	2.6(0.156)	2.6(0.156).x
cisco / identity_services_engine	2.4.0-patch7	2.4.0-patch7.x
cisco / identity_services_engine	2.4.0-patch8	2.4.0-patch8.x
cisco / identity_services_engine	2.4.0-patch9	2.4.0-patch9.x
cisco / identity_services_engine	2.4.0-patch1	2.4.0-patch1.x
cisco / identity_services_engine	2.4.0-patch2	2.4.0-patch2.x
cisco / identity_services_engine	2.4.0-patch3	2.4.0-patch3.x
cisco / identity_services_engine	2.4.0-patch4	2.4.0-patch4.x
cisco / identity_services_engine	2.4.0-patch5	2.4.0-patch5.x
cisco / identity_services_engine	2.4.0-patch6	2.4.0-patch6.x
cisco / identity_services_engine	2.3.0-patch1	2.3.0-patch1.x
cisco / identity_services_engine	2.3.0-patch2	2.3.0-patch2.x
cisco / identity_services_engine	2.3.0-patch3	2.3.0-patch3.x
cisco / identity_services_engine	2.3.0-patch4	2.3.0-patch4.x
cisco / identity_services_engine	2.3.0-patch5	2.3.0-patch5.x
cisco / identity_services_engine	2.3.0-patch6	2.3.0-patch6.x
cisco / identity_services_engine	2.3.0	2.3.0.x
cisco / identity_services_engine	2.4.0.357	2.4.0.357.x
cisco / identity_services_engine	2.4.0.357-patch1	2.4.0.357-patch1.x
cisco / identity_services_engine	2.4.0.357-patch2	2.4.0.357-patch2.x
cisco / identity_services_engine	2.4.0.357-patch3	2.4.0.357-patch3.x
cisco / identity_services_engine	2.4.0.357-patch4	2.4.0.357-patch4.x
cisco / identity_services_engine	2.4.0.357-patch5	2.4.0.357-patch5.x
cisco / identity_services_engine	2.4.0.357-patch6	2.4.0.357-patch6.x
cisco / identity_services_engine	2.4.0.357-patch7	2.4.0.357-patch7.x
cisco / identity_services_engine	2.4.0.357-patch8	2.4.0.357-patch8.x
cisco / identity_services_engine	2.4.0.357-patch9	2.4.0.357-patch9.x
cisco / identity_services_engine	2.3.0.298	2.3.0.298.x
cisco / identity_services_engine	2.3.0.298-patch1	2.3.0.298-patch1.x
cisco / identity_services_engine	2.3.0.298-patch2	2.3.0.298-patch2.x
cisco / identity_services_engine	2.3.0.298-patch3	2.3.0.298-patch3.x
cisco / identity_services_engine	2.3.0.298-patch4	2.3.0.298-patch4.x
cisco / identity_services_engine	2.3.0.298-patch5	2.3.0.298-patch5.x
cisco / identity_services_engine	2.3.0.298-patch6	2.3.0.298-patch6.x
cisco / identity_services_engine	2.2	2.2.x
cisco / identity_services_engine	2.6.0-patch1	2.6.0-patch1.x
cisco / identity_services_engine	2.6.0-patch2	2.6.0-patch2.x
cisco / identity_services_engine	2.6.0-patch3	2.6.0-patch3.x
cisco / identity_services_engine	2.7	2.7.x
cisco / identity_services_engine	2.2.0.470	2.2.0.470.x
cisco / identity_services_engine	2.2.0.470-patch1	2.2.0.470-patch1.x
cisco / identity_services_engine	2.2.0.470-patch2	2.2.0.470-patch2.x
cisco / identity_services_engine	2.2.0.470-patch3	2.2.0.470-patch3.x
cisco / identity_services_engine	2.2.0.470-patch4	2.2.0.470-patch4.x
cisco / identity_services_engine	2.2.0.470-patch5	2.2.0.470-patch5.x
cisco / identity_services_engine	2.2.0.470-patch6	2.2.0.470-patch6.x
cisco / identity_services_engine	2.2.0.470-patch7	2.2.0.470-patch7.x
cisco / identity_services_engine	2.2.0.470-patch8	2.2.0.470-patch8.x
cisco / identity_services_engine	2.2.0.470-patch9	2.2.0.470-patch9.x
cisco / identity_services_engine	2.2.0.470-patch10	2.2.0.470-patch10.x
cisco / identity_services_engine	2.2.0.470-patch11	2.2.0.470-patch11.x
cisco / identity_services_engine	2.2.0.470-patch12	2.2.0.470-patch12.x
cisco / identity_services_engine	2.6.0-patch6	2.6.0-patch6.x
cisco / identity_services_engine	2.6.0-patch5	2.6.0-patch5.x
cisco / identity_services_engine	2.6.0	2.6.0.x
cisco / identity_services_engine	2.4.0-patch12	2.4.0-patch12.x
cisco / identity_services_engine	2.3.0-patch7	2.3.0-patch7.x
cisco / identity_services_engine	2.2.0-patch16	2.2.0-patch16.x
cisco / identity_services_engine	2.6.0-patch7	2.6.0-patch7.x
cisco / identity_services_engine	2.7.0-patch2	2.7.0-patch2.x
cisco / identity_services_engine	2.2.0.470-patch13	2.2.0.470-patch13.x
cisco / identity_services_engine	2.2.0.470-patch14	2.2.0.470-patch14.x
cisco / identity_services_engine	2.2.0.470-patch15	2.2.0.470-patch15.x
cisco / identity_services_engine	2.2.0.470-patch16	2.2.0.470-patch16.x
cisco / identity_services_engine	2.3.0.298-patch7	2.3.0.298-patch7.x
cisco / identity_services_engine	2.4.0.357-patch10	2.4.0.357-patch10.x
cisco / identity_services_engine	2.6.0.156-patch7	2.6.0.156-patch7.x
cisco / identity_services_engine	2.6.0.156-patch6	2.6.0.156-patch6.x
cisco / identity_services_engine	2.6.0.156-patch5	2.6.0.156-patch5.x
cisco / identity_services_engine	2.6.0.156-patch3	2.6.0.156-patch3.x
cisco / identity_services_engine	2.6.0.156-patch2	2.6.0.156-patch2.x
cisco / identity_services_engine	2.6.0.156-patch1	2.6.0.156-patch1.x
cisco / identity_services_engine	2.4.0.357-patch11	2.4.0.357-patch11.x
cisco / identity_services_engine	2.4.0.357-patch12	2.4.0.357-patch12.x
cisco / identity_services_engine	2.5	2.5.x
cisco / identity_services_engine	2.7.0.356-patch1	2.7.0.356-patch1.x
cisco / identity_services_engine	2.7(0.356)	2.7(0.356).x
cisco / identity_services_engine	2.6	2.6.x
cisco / identity_services_engine	3.0.0	3.0.0.x
cisco / identity_services_engine	3.0.0-patch1	3.0.0-patch1.x
cisco / identity_services_engine	2.7.0	2.7.0.x
cisco / identity_services_engine	2.6.0-patch8	2.6.0-patch8.x
cisco / identity_services_engine	2.4.0-patch13	2.4.0-patch13.x
cisco / identity_services_engine	2.4.0-patch11	2.4.0-patch11.x
cisco / identity_services_engine	2.4.0-patch10	2.4.0-patch10.x
cisco / identity_services_engine	2.4.0	2.4.0.x
cisco / identity_services_engine	3.1	3.1.x
cisco / identity_services_engine	3.0.0-patch2	3.0.0-patch2.x
cisco / identity_services_engine	2.7.0-patch1	2.7.0-patch1.x
cisco / identity_services_engine	2.6(0.999)	2.6(0.999).x
cisco / identity_services_engine	2.2.0-patch1	2.2.0-patch1.x
cisco / identity_services_engine	2.2.0-patch10	2.2.0-patch10.x
cisco / identity_services_engine	2.2.0-patch12	2.2.0-patch12.x
cisco / identity_services_engine	2.2.0-patch13	2.2.0-patch13.x
cisco / identity_services_engine	2.2.0-patch14	2.2.0-patch14.x
cisco / identity_services_engine	2.2.0-patch15	2.2.0-patch15.x
cisco / identity_services_engine	2.2.0-patch2	2.2.0-patch2.x
cisco / identity_services_engine	2.2.0-patch3	2.2.0-patch3.x
cisco / identity_services_engine	2.2.0-patch4	2.2.0-patch4.x
cisco / identity_services_engine	2.2.0-patch5	2.2.0-patch5.x
cisco / identity_services_engine	2.2.0-patch6	2.2.0-patch6.x
cisco / identity_services_engine	2.2.0-patch7	2.2.0-patch7.x
cisco / identity_services_engine	2.2.0-patch8	2.2.0-patch8.x
cisco / identity_services_engine	2.2.0-patch9	2.2.0-patch9.x
cisco / identity_services_engine	2.4.0-patch14	2.4.0-patch14.x
cisco / identity_services_engine	3.0.0-patch3	3.0.0-patch3.x
cisco / identity_services_engine	2.7.0-patch3	2.7.0-patch3.x
cisco / identity_services_engine	2.7.0-patch4	2.7.0-patch4.x
cisco / identity_services_engine	2.6.0-patch9	2.6.0-patch9.x
cisco / identity_services_engine	2.2.0-patch17	2.2.0-patch17.x
cisco / identity_services_engine	2.2.0	2.2.0.x
cisco / identity_services_engine	2.7(0.903)	2.7(0.903).x
cisco / identity_services_engine	3.0(0.458)	3.0(0.458).x
cisco / identity_services_engine	2.6.0-patch10	2.6.0-patch10.x
cisco / identity_services_engine	003.000(000.458)	003.000(000.458).x
cisco / identity_services_engine	002.007(000.356)	002.007(000.356).x
cisco / identity_services_engine	002.006(000.156)	002.006(000.156).x
cisco / identity_services_engine	002.004(000.914)	002.004(000.914).x
cisco / identity_services_engine	3.0.0-patch4	3.0.0-patch4.x
cisco / identity_services_engine	2.7.0-patch5	2.7.0-patch5.x
cisco / identity_services_engine	2.7.0-patch6	2.7.0-patch6.x
cisco / identity_services_engine	3.1-patch1	3.1-patch1.x
cisco / identity_services_engine	2.7.0-patch7	2.7.0-patch7.x
cisco / identity_services_engine	3.0.0-patch5	3.0.0-patch5.x
cisco / identity_services_engine	3.1-patch2	3.1-patch2.x
cisco / identity_services_engine	3.0.0-patch6	3.0.0-patch6.x
cisco / identity_services_engine	3.1-patch3	3.1-patch3.x
cisco / identity_services_engine	3.1-patch4	3.1-patch4.x
cisco / identity_services_engine	2.6.0-patch11	2.6.0-patch11.x
cisco / identity_services_engine	3.1-patch5	3.1-patch5.x
cisco / identity_services_engine	2.7.0-patch8	2.7.0-patch8.x
cisco / identity_services_engine	2.6.0-patch12	2.6.0-patch12.x
cisco / identity_services_engine	3.1-patch6	3.1-patch6.x
cisco / identity_services_engine	3.0.0-patch7	3.0.0-patch7.x
cisco / identity_services_engine	2.7.0-patch9	2.7.0-patch9.x
cisco / identity_services_engine	3.1-patch7	3.1-patch7.x
cisco / identity_services_engine	2.6.0-patch4	2.6.0-patch4.x
cisco / identity_services_engine	1.0	1.0.x
cisco / identity_services_engine	1.0.4	1.0.4.x
cisco / identity_services_engine	1.1	1.1.x
cisco / identity_services_engine	1.1.1	1.1.1.x
cisco / identity_services_engine	1.1.2	1.1.2.x
cisco / identity_services_engine	1.1.3	1.1.3.x
cisco / identity_services_engine	1.1.4	1.1.4.x
cisco / identity_services_engine	1.2	1.2.x
cisco / identity_services_engine	1.2.1	1.2.1.x
cisco / identity_services_engine	1.3	1.3.x
cisco / identity_services_engine	2.1	2.1.x
cisco / identity_services_engine	2.3	2.3.x
cisco / identity_services_engine	2.3(0.904)	2.3(0.904).x
cisco / identity_services_engine	2.4	2.4.x
cisco / identity_services_engine	2.4.0-patch_11	2.4.0-patch_11.x
cisco / identity_services_engine	3.2	3.2.x
cisco / identity_services_engine	3.2-patch1	3.2-patch1.x
cisco / identity_services_engine	3.2-patch2	3.2-patch2.x
cisco / identity_services_engine	3.2-patch3	3.2-patch3.x
cisco / identity_services_engine	3.2-patch4	3.2-patch4.x

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ISE-XSS-bL4VTML

Vulnerability Database

289,599

CVE-2024-20251