Vulnerability Description
The administrative web interface in Cisco Identity Services Engine (ISE) before 1.3 allows remote authenticated users to bypass intended access restrictions, and obtain sensitive information or change settings, via unspecified vectors, aka Bug ID CSCui72087.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Identity Services Engine Software | 1.0.4.573 |
Related Weaknesses (CWE)
References
- http://tools.cisco.com/security/center/viewAlert.x?alertId=39299Vendor Advisory
- http://www.securityfocus.com/bid/75152Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1032579Third Party AdvisoryVDB Entry
- http://tools.cisco.com/security/center/viewAlert.x?alertId=39299Vendor Advisory
- http://www.securityfocus.com/bid/75152Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1032579Third Party AdvisoryVDB Entry
FAQ
What is CVE-2015-4182?
CVE-2015-4182 is a vulnerability with a CVSS score of 5.5 (MEDIUM). The administrative web interface in Cisco Identity Services Engine (ISE) before 1.3 allows remote authenticated users to bypass intended access restrictions, and obtain sensitive information or change...
How severe is CVE-2015-4182?
CVE-2015-4182 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-4182?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Identity Services Engine Software.