CVE-2015-4182

The administrative web interface in Cisco Identity Services Engine (ISE) before 1.3 allows remote authenticated users to bypass intended access restrictions, and obtain sensitive information or change settings, via unspecified vectors, aka Bug ID CSCui72087.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:P/I:P/A:N
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 43%
VendorProductVersion
ciscoidentity_services_engine_software
1.0.4.573
ciscoidentity_services_engine_software
1.0_base:_base
ciscoidentity_services_engine_software
1.1
ciscoidentity_services_engine_software
1.2
ciscoidentity_services_engine_software
1.2\(0.747\)
ciscoidentity_services_engine_software
1.2\(0.899\)
ciscoidentity_services_engine_software
1.2\(1.901\)
ciscoidentity_services_engine_software
1.3
ciscoidentity_services_engine_software
1.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/viewAlert.x?alertId=39299
http://www.securityfocus.com/bid/75152
http://www.securitytracker.com/id/1032579
http://tools.cisco.com/security/center/viewAlert.x?alertId=39299
http://www.securityfocus.com/bid/75152
http://www.securitytracker.com/id/1032579