Home/Product/cisco identity services engine
Product

cisco identity services engine

165 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-20076
<= 3.1.0
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote
4.8MEDIUM
 CVE-2026-20047
< 3.2
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Conne
4.8MEDIUM
 CVE-2025-20343
all versions
A vulnerability in the RADIUS setting Reject RADIUS requests from clients with repeated failures on Cisco Identity Services Engine
8.6HIGH
 CVE-2025-20305
<= 3.1.0
A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to obtain sensiti
4.3MEDIUM
 CVE-2025-20304
<= 3.1.0
Multiple vulnerabilities in the web-based management interface of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote
5.4MEDIUM
 CVE-2025-20303
<= 3.1.0
Multiple vulnerabilities in the web-based management interface of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote
5.4MEDIUM
 CVE-2025-20289
<= 3.1.0
Multiple vulnerabilities in the web-based management interface of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote
4.8MEDIUM
 CVE-2025-20337
all versions
A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to execute arbitr
10.0CRITICAL
 CVE-2025-20285
< 3.3.0
A vulnerability in the IP Access Restriction feature of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker
4.1MEDIUM
 CVE-2025-20284
< 3.3.0
A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrar
6.5MEDIUM
 CVE-2025-20283
< 3.3.0
A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrar
6.5MEDIUM
 CVE-2025-20282
all versions
A vulnerability in an internal API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to upload arbitr
10.0CRITICAL
 CVE-2025-20281
all versions
A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to execute arbitr
10.0CRITICAL
 CVE-2025-20264
all versions
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote
6.4MEDIUM
 CVE-2025-20286
all versions
A vulnerability in Amazon Web Services (AWS), Microsoft Azure, and Oracle Cloud Infrastructure (OCI) cloud deployments of Cisco Id
9.9CRITICAL
 CVE-2025-20130
< 3.1.0
A vulnerability in the API of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow
4.9MEDIUM
 CVE-2025-20267
< 3.2.0
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote
4.8MEDIUM
 CVE-2025-20152
all versions
A vulnerability in the RADIUS message processing feature of Cisco Identity Services Engine (ISE) could allow an unauthenticated, r
8.6HIGH
 CVE-2025-20205
>= 3.0.0 and < 3.2
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticate
4.8MEDIUM
 CVE-2025-20204
>= 3.0.0 and < 3.2
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticate
4.8MEDIUM
 CVE-2025-20125
< 3.1
A vulnerability in an API of Cisco ISE could allow an authenticated, remote attacker with valid read-only credentials to obtain se
9.1CRITICAL
 CVE-2025-20124
< 3.1
A vulnerability in an API of Cisco ISE could allow an authenticated, remote attacker to execute arbitrary commands as the root use
9.9CRITICAL
 CVE-2020-3525
all versions
A vulnerability in the Admin portal of Cisco&nbsp;Identity Services Engine (ISE) could allow an authenticated, remote attacker to
4.3MEDIUM
 CVE-2024-20539
all versions
A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to conduct a stor
4.8MEDIUM
 CVE-2024-20538
all versions
A vulnerability in the web-based management interface of Cisco ISE could allow an unauthenticated, remote attacker to conduct an X
6.1MEDIUM
 CVE-2024-20537
all versions
A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to bypass the aut
6.5MEDIUM
 CVE-2024-20532
>= 3.0.0 and < 3.1.0
A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read and delete arbitrary files on an aff
5.5MEDIUM
 CVE-2024-20531
all versions
A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read arbitrary files on the underlying op
5.5MEDIUM
 CVE-2024-20530
all versions
A vulnerability in the web-based management interface of Cisco ISE could allow an unauthenticated, remote attacker to conduct an X
6.1MEDIUM
 CVE-2024-20529
>= 3.0.0 and < 3.1.0
A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read and delete arbitrary files on an aff
5.5MEDIUM
 CVE-2024-20528
>= 3.0.0 and < 3.1.0
A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to upload files to arbitrary locations on th
3.8LOW
 CVE-2024-20527
>= 3.0.0 and < 3.1.0
A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read and delete arbitrary files on an aff
5.5MEDIUM
 CVE-2024-20525
all versions
A vulnerability in the web-based management interface of Cisco ISE could allow an unauthenticated, remote attacker to conduct an X
6.1MEDIUM
 CVE-2024-20487
>= 3.0.0 and < 3.1.0
A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to conduct a stor
4.3MEDIUM
 CVE-2024-20476
< 3.1
A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to bypass the aut
4.3MEDIUM
 CVE-2024-20515
all versions
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote
6.5MEDIUM
 CVE-2024-20469
all versions
A vulnerability in specific CLI commands in Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to p
6.0MEDIUM
 CVE-2024-20486
>= 2.7.0 and < 3.1
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remo
6.5MEDIUM
 CVE-2024-20466
>= 2.7.0 and < 3.1
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote
6.5MEDIUM
 CVE-2024-20417
> 3.0.0 and <= 3.1
Multiple vulnerabilities in the REST API of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to
6.5MEDIUM
 CVE-2024-20479
all versions
A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to conduct an XSS
4.8MEDIUM
 CVE-2024-20443
all versions
A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to conduct an XSS
5.4MEDIUM
 CVE-2024-20296
>= 3.0.0 and < 3.1
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote
4.7MEDIUM
 CVE-2024-20368
>= 2.7.0 and < 3.1.0
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remo
6.5MEDIUM
 CVE-2024-20332
all versions
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote
5.5MEDIUM
 CVE-2024-20251
all versions
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote
4.8MEDIUM
 CVE-2023-20272
all versions
A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attac
6.7MEDIUM
 CVE-2023-20208
all versions
A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to conduct an XSS
4.8MEDIUM
 CVE-2023-20196
all versions
Two vulnerabilities in Cisco ISE could allow an authenticated, remote attacker to upload arbitrary files to an affected device. To
4.7MEDIUM
 CVE-2023-20175
all versions
A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection atta
8.8HIGH
 CVE-2023-20170
all versions
A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection atta
6.0MEDIUM
 CVE-2023-20213
all versions
A vulnerability in the CDP processing feature of Cisco ISE could allow an unauthenticated, adjacent attacker to cause a denial of
4.3MEDIUM
 CVE-2023-20195
all versions
Two vulnerabilities in Cisco ISE could allow an authenticated, remote attacker to upload arbitrary files to an affected device. To
4.7MEDIUM
 CVE-2023-20194
<= 2.7
A vulnerability in the ERS API of Cisco ISE could allow an authenticated, remote attacker to read arbitrary files on the underlyin
4.9MEDIUM
 CVE-2023-20193
<= 2.7
A vulnerability in the Embedded Service Router (ESR) of Cisco ISE could allow an authenticated, local attacker to read, write, or
6.0MEDIUM
 CVE-2023-20243
all versions
A vulnerability in the RADIUS message processing feature of Cisco Identity Services Engine (ISE) could allow an unauthenticated, r
8.6HIGH
 CVE-2023-20111
<= 2.6.0
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote
6.5MEDIUM
 CVE-2023-20174
< 3.0.0
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticate
4.9MEDIUM
 CVE-2023-20173
< 3.0.0
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticate
4.9MEDIUM
 CVE-2023-20172
all versions
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to delete or read arbitrary
5.4MEDIUM
 CVE-2023-20171
all versions
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to delete or read arbitrary
5.4MEDIUM
 CVE-2023-20167
< 3.1
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform path traversal a
6.0MEDIUM
 CVE-2023-20166
all versions
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform path traversal a
6.0MEDIUM
 CVE-2023-20164
<= 2.7
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform command injectio
6.5MEDIUM
 CVE-2023-20163
<= 2.7
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform command injectio
6.5MEDIUM
 CVE-2023-20106
all versions
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to delete or read arbitrary
5.4MEDIUM
 CVE-2023-20087
<= 3.1
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticate
4.9MEDIUM
 CVE-2023-20077
<= 3.1
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticate
4.9MEDIUM
 CVE-2023-20153
all versions
Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local attacke
6.0MEDIUM
 CVE-2023-20122
all versions
Multiple vulnerabilities in the restricted shell of Cisco Evolved Programmable Network Manager (EPNM), Cisco Identity Services Eng
6.0MEDIUM
 CVE-2023-20121
all versions
Multiple vulnerabilities in the restricted shell of Cisco Evolved Programmable Network Manager (EPNM), Cisco Identity Services Eng
6.0MEDIUM
 CVE-2023-20152
all versions
Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local attacke
6.0MEDIUM
 CVE-2023-20030
< 3.2
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote
6.0MEDIUM
 CVE-2023-20023
all versions
Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local attacke
6.0MEDIUM
 CVE-2023-20022
all versions
Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local attacke
6.0MEDIUM
 CVE-2023-20021
all versions
Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local attacke
6.0MEDIUM
 CVE-2023-20085
all versions
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remo
6.1MEDIUM
 CVE-2022-20967
< 2.6.0
A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attac
4.8MEDIUM
 CVE-2022-20966
< 2.6.0
A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attac
5.4MEDIUM
 CVE-2022-20965
< 2.6.0
A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attac
4.3MEDIUM
 CVE-2022-20964
< 2.6.0
A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attac
6.3MEDIUM
 CVE-2022-20963
< 2.7.0
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote
5.4MEDIUM
 CVE-2022-20962
all versions
A vulnerability in the Localdisk Management feature of Cisco Identity Services Engine (ISE) could allow an authenticated, remote a
3.8LOW
 CVE-2022-20961
< 2.6.0
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remo
8.8HIGH
 CVE-2022-20956
all versions
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote
7.1HIGH
 CVE-2022-20937
< 2.7.0
A vulnerability in a feature that monitors RADIUS requests on Cisco Identity Services Engine (ISE) Software could allow an unauthe
5.3MEDIUM
 CVE-2022-20959
>= 2.4 and < 2.7.0
A vulnerability in the External RESTful Services (ERS) API of Cisco Identity Services Engine (ISE) Software could allow an authent
6.1MEDIUM
 CVE-2022-20822
all versions
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote
7.1HIGH
 CVE-2022-20914
>= 2.4.0 and < 2.6.0
A vulnerability in the External RESTful Services (ERS) API of Cisco Identity Services Engine (ISE) Software could allow an authent
4.9MEDIUM
 CVE-2022-20819
< 2.4.0.357
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote
6.5MEDIUM
 CVE-2022-20733
all versions
A vulnerability in the login page of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to log i
5.3MEDIUM
 CVE-2022-20782
all versions
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote
6.5MEDIUM
 CVE-2022-20756
all versions
A vulnerability in the RADIUS feature of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to c
8.6HIGH
 CVE-2021-44228
< 2.4.0
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration
10.0CRITICAL
 CVE-2021-40123
<= 2.6
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote
4.3MEDIUM
 CVE-2021-40121
<= 2.6
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an att
6.1MEDIUM
 CVE-2021-34738
< 2.6.0
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an att
6.1MEDIUM
 CVE-2021-34706
<= 3.1
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote
6.4MEDIUM
 CVE-2021-34702
>= 2.2.0 and < 2.6.0
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote
4.3MEDIUM
 CVE-2021-1594
>= 2.4.0 and < 2.6.0
A vulnerability in the REST API of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to perform
7.5HIGH
 CVE-2021-34759
< 2.2.0
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticate
4.8MEDIUM
 CVE-2021-1607
< 2.6.0
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticate
4.8MEDIUM
 CVE-2021-1606
< 2.6.0
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticate
4.8MEDIUM
 CVE-2021-1605
< 2.6.0
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticate
4.8MEDIUM
 CVE-2021-1604
< 2.6.0
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticate
4.8MEDIUM
 CVE-2021-1603
< 2.6.0
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticate
4.8MEDIUM
 CVE-2021-1306
< 2.7.0
A vulnerability in the restricted shell of Cisco Evolved Programmable Network (EPN) Manager, Cisco Identity Services Engine (ISE),
4.4MEDIUM
 CVE-2021-1416
< 2.3.0
Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker
6.5MEDIUM
 CVE-2021-1412
< 2.3.0
Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker
6.5MEDIUM
 CVE-2020-3551
all versions
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remo
6.1MEDIUM
 CVE-2020-27122
< 3.0.0
A vulnerability in the Microsoft Active Directory integration of Cisco Identity Services Engine (ISE) could allow an authenticated
6.7MEDIUM
 CVE-2020-26083
all versions
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote
4.8MEDIUM
 CVE-2020-3589
all versions
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticate
4.8MEDIUM
 CVE-2020-3467
<= 2.4
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote
7.7HIGH
 CVE-2019-1736
all versions
A vulnerability in the firmware of the Cisco UCS C-Series Rack Servers could allow an authenticated, physical attacker to bypass U
6.6MEDIUM
 CVE-2020-3340
< 2.6.0
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticate
4.8MEDIUM
 CVE-2020-3353
all versions
A vulnerability in the syslog processing engine of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote att
5.9MEDIUM
 CVE-2020-3157
<= 2.7
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote
5.4MEDIUM
 CVE-2020-3156
all versions
A vulnerability in the logging component of Cisco Identity Services Engine could allow an unauthenticated remote attacker to condu
6.1MEDIUM
 CVE-2020-3149
< 2.7
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticate
4.8MEDIUM
 CVE-2019-15255
all versions
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote
6.5MEDIUM
 CVE-2019-12638
<= 2.2.0
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote
5.4MEDIUM
 CVE-2019-12637
<= 2.3
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticate
5.4MEDIUM
 CVE-2019-12631
<= 2.3
A vulnerability in the web-based guest portal of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attac
6.1MEDIUM
 CVE-2019-12644
< 2.6.0
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an unauthentica
6.1MEDIUM
 CVE-2019-1942
<= 2.6.0
A vulnerability in the sponsor portal web interface for Cisco Identity Services Engine (ISE) could allow an authenticated, remote
4.3MEDIUM
 CVE-2019-1941
< 2.4.0
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remo
6.1MEDIUM
 CVE-2019-1851
all versions
A vulnerability in the External RESTful Services (ERS) API of the Cisco Identity Services Engine (ISE) could allow an authenticate
6.8MEDIUM
 CVE-2019-1719
all versions
A vulnerability in the web-based guest portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacke
6.1MEDIUM
 CVE-2019-1718
all versions
A vulnerability in the web interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to tr
7.5HIGH
 CVE-2019-1673
all versions
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote
5.4MEDIUM
 CVE-2018-15459
all versions
A vulnerability in the administrative web interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote a
6.5MEDIUM
 CVE-2018-15455
all versions
A vulnerability in the logging component of Cisco Identity Services Engine could allow an unauthenticated, remote attacker to cond
6.1MEDIUM
 CVE-2018-0187
all versions
A vulnerability in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtai
6.5MEDIUM
 CVE-2018-15456
all versions
A vulnerability in the Admin Portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to view
4.3MEDIUM
 CVE-2018-15425
all versions
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote
4.7MEDIUM
 CVE-2018-15424
all versions
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote
4.7MEDIUM
 CVE-2018-0277
all versions
A vulnerability in the Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) certificate validation during EAP aut
8.6HIGH
 CVE-2018-0275
< 2.2\(0.470\)
A vulnerability in the support tunnel feature of Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker
6.7MEDIUM
 CVE-2018-0221
all versions
A vulnerability in specific CLI commands for the Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker
6.7MEDIUM
 CVE-2018-0216
all versions
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remo
5.4MEDIUM
 CVE-2018-0215
all versions
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remo
6.3MEDIUM
 CVE-2018-0214
all versions
A vulnerability in certain CLI commands of Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to ex
5.3MEDIUM
 CVE-2018-0213
all versions
A vulnerability in the credential reset functionality for Cisco Identity Services Engine (ISE) could allow an authenticated, remot
8.8HIGH
 CVE-2018-0212
all versions
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remo
6.1MEDIUM
 CVE-2018-0211
all versions
A vulnerability in specific CLI commands for the Cisco Identity Services Engine could allow an authenticated, local attacker to ca
4.4MEDIUM
 CVE-2018-0091
all versions
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remo
6.1MEDIUM
 CVE-2017-12261
all versions
A vulnerability in the restricted shell of the Cisco Identity Services Engine (ISE) that is accessible via SSH could allow an auth
7.8HIGH
 CVE-2017-6747
all versions
A vulnerability in the authentication module of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attack
9.8CRITICAL
 CVE-2017-6734
all versions
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticate
5.4MEDIUM
 CVE-2017-6733
all versions
A vulnerability in the web-based application interface of the Cisco Identity Services Engine (ISE) portal could allow an unauthent
6.1MEDIUM
 CVE-2017-6701
all versions
A vulnerability in the web application interface of the Cisco Identity Services Engine (ISE) portal could allow an unauthenticated
6.1MEDIUM
 CVE-2017-6605
all versions
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote
5.4MEDIUM
 CVE-2017-6653
all versions
A vulnerability in the TCP throttling process for the GUI of the Cisco Identity Services Engine (ISE) 2.1(0.474) could allow an un
7.5HIGH
 CVE-2016-9198
all versions
A vulnerability in the Active Directory integration component of Cisco Identity Services Engine (ISE) could allow an unauthenticat
7.5HIGH
 CVE-2016-6453
all versions
A vulnerability in the web framework code of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to
7.3HIGH
 CVE-2014-0680
all versions
Cross-site scripting (XSS) vulnerability in the HTTP control interface in the NAC Web Agent component in Cisco Identity Services E
 CVE-2013-5541
all versions
Cross-site scripting (XSS) vulnerability in the file-upload interface in Cisco Identity Services Engine (ISE) allows remote authen
 CVE-2013-5540
all versions
The file-upload feature in Cisco Identity Services Engine (ISE) allows remote authenticated users to cause a denial of service (di
 CVE-2013-5539
all versions
The upload-dialog implementation in Cisco Identity Services Engine (ISE) allows remote authenticated users to upload files with an
 CVE-2013-5538
all versions
The Sponsor Portal in Cisco Identity Services Engine (ISE) uses weak permissions for uploaded files, which allows remote attackers
 CVE-2013-3445
all versions
The firewall subsystem in Cisco Identity Services Engine has an incorrect rule for open ports, which allows remote attackers to ca
 CVE-2013-3420
all versions
Cross-site request forgery (CSRF) vulnerability in the web framework on the Cisco Identity Services Engine (ISE) allows remote att
 CVE-2012-3908
all versions
Multiple cross-site request forgery (CSRF) vulnerabilities in the ISE Administrator user interface (aka the Apache Tomcat interfac
 CVE-2011-3290
all versions
Cisco Identity Services Engine (ISE) before 1.0.4.MR2 has default Oracle database credentials, which allows remote attackers to mo
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin