CVE-2015-6317 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	6.5 MEDIUM	NETWORK	LOW	LOW	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
cisco	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 38%

Vendor	Product	Version
cisco	identity_services_engine_software	1.0.4.573
cisco	identity_services_engine_software	1.0_base:_base
cisco	identity_services_engine_software	1.0_mr_base:_mr_base
cisco	identity_services_engine_software	1.1.1:p1
cisco	identity_services_engine_software	1.1.1:p2
cisco	identity_services_engine_software	1.1.1:p3
cisco	identity_services_engine_software	1.1.1:p4
cisco	identity_services_engine_software	1.1.1:p5
cisco	identity_services_engine_software	1.1.1:p6
cisco	identity_services_engine_software	1.1.2:p1
cisco	identity_services_engine_software	1.1.2:p2
cisco	identity_services_engine_software	1.1.2:p3
cisco	identity_services_engine_software	1.1.2:p4
cisco	identity_services_engine_software	1.1.2:p5
cisco	identity_services_engine_software	1.1.2:p6
cisco	identity_services_engine_software	1.1.2:p7
cisco	identity_services_engine_software	1.1.2:p8
cisco	identity_services_engine_software	1.1.2:p9
cisco	identity_services_engine_software	1.1.3:p1
cisco	identity_services_engine_software	1.1.3:p2
cisco	identity_services_engine_software	1.1.3:p3
cisco	identity_services_engine_software	1.1.3:p4
cisco	identity_services_engine_software	1.1.3:p5
cisco	identity_services_engine_software	1.1.3:p6
cisco	identity_services_engine_software	1.1.3:p7
cisco	identity_services_engine_software	1.1.4:p1
cisco	identity_services_engine_software	1.1.4:p2
cisco	identity_services_engine_software	1.1.4:p3
cisco	identity_services_engine_software	1.1.4:p4
cisco	identity_services_engine_software	1.1.4:p5
cisco	identity_services_engine_software	1.1.4:p6
cisco	identity_services_engine_software	1.1.4:p7
cisco	identity_services_engine_software	1.1_base:_base
cisco	identity_services_engine_software	1.2\(0.747\)
cisco	identity_services_engine_software	1.2\(0.793\)
cisco	identity_services_engine_software	1.2\(1.198\)
cisco	identity_services_engine_software	1.2\(1.901\)
cisco	identity_services_engine_software	1.2.0.899:p14
cisco	identity_services_engine_software	1.2.1:p1
cisco	identity_services_engine_software	1.2.1:p2
cisco	identity_services_engine_software	1.2_base:_base
cisco	identity_services_engine_software	1.3\(0.722\)
cisco	identity_services_engine_software	1.3\(0.876\)
cisco	identity_services_engine_software	1.3\(106.146\)
cisco	identity_services_engine_software	1.3\(120.135\)
cisco	identity_services_engine_software	1.4\(0.109\)
cisco	identity_services_engine_software	1.4\(0.181\)
cisco	identity_services_engine_software	1.4\(0.253\)

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-284 - Improper Access Control
The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-ise2

http://www.securitytracker.com/id/1034767

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-ise2

http://www.securitytracker.com/id/1034767