CVE-2022-20956 — Incorrect Use of Privileged APIs in Cisco Identity Services Engine Software

CWE-648 — Incorrect Use of Privileged APIs4 documents4 sources

Severity

8.8HIGHNVD

CNA7.1

EPSS

0.3%

top 49.19%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Identity Services Engine Software Cisco Identity Services Engine

Timeline

PublishedNov 4

Description

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to bypass authorization and access system files. This vulnerability is due to improper access control in the web-based management interface of an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to list, download, and delete certain files that…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5cisco/cisco_identity_services_engine_software5 versions+4

▶NVDcisco/identity_services_engine3.1, 3.2+1

🔴Vulnerability Details

GHSA

GHSA-4x6g-xmp8-726r: A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to bypass↗2022-11-04

▶

CVEList

CVE-2022-20956: A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to bypass↗2022-11-03

▶

📋Vendor Advisories

Cisco

Cisco Identity Services Engine Insufficient Access Control Vulnerability↗2022-11-02

▶