CVE-2015-4182

EUVD-2015-4205
The administrative web interface in Cisco Identity Services Engine (ISE) before 1.3 allows remote authenticated users to bypass intended access restrictions, and obtain sensitive information or change settings, via unspecified vectors, aka Bug ID CSCui72087.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:P/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 50%
Affected Products (NVD)
VendorProductVersion
ciscoidentity_services_engine_software
1.0.4.573
ciscoidentity_services_engine_software
1.0_base:_base
ciscoidentity_services_engine_software
1.1
ciscoidentity_services_engine_software
1.2
ciscoidentity_services_engine_software
1.2\(0.747\)
ciscoidentity_services_engine_software
1.2\(0.899\)
ciscoidentity_services_engine_software
1.2\(1.901\)
ciscoidentity_services_engine_software
1.3
ciscoidentity_services_engine_software
1.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/viewAlert.x?alertId=39299
http://www.securityfocus.com/bid/75152
http://www.securitytracker.com/id/1032579
http://tools.cisco.com/security/center/viewAlert.x?alertId=39299
http://www.securityfocus.com/bid/75152
http://www.securitytracker.com/id/1032579