Cisco Identity Services Engine Software Vulnerabilità

Sequenza temporale

Versione

1.0	7
3.2.0	6
2.7.0	5
3.0.0	5
3.1.0	5

Contromisure

Official Fix	17
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	14

Sfruttabilità

High	4
Functional	0
Proof-of-Concept	0
Unproven	2
Not Defined	25

Accesso al vettore

Not Defined	0
Physical	0
Local	2
Adjacent	1
Network	28

Autenticazione

Not Defined	0
High	4
Low	10
None	17

Interazione dell'utente

Not Defined	0
Required	9
None	22

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	1
≤5	11
≤6	12
≤7	4
≤8	0
≤9	2
≤10	1

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	2
≤5	13
≤6	10
≤7	3
≤8	1
≤9	1
≤10	1

VulDB

≤1	0
≤2	0
≤3	0
≤4	1
≤5	16
≤6	7
≤7	4
≤8	1
≤9	1
≤10	1

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	3
≤9	0
≤10	0

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	3
≤6	3
≤7	1
≤8	0
≤9	1
≤10	0

Fornitore

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploiter 0 giorni

<1k	0
<2k	0
<5k	2
<10k	14
<25k	11
<50k	4
<100k	0
≥100k	0

Exploiter aujourd'hui

<1k	15
<2k	3
<5k	11
<10k	2
<25k	0
<50k	0
<100k	0
≥100k	0

Affected Versions (57): 1, 1.0, 1.0.1, 1.0.2, 1.0.3, 1.1, 1.1.1, 1.1.2, 1.2, 2.0, 2.1, 2.2, 2.3, 2.4, 2.5, 2.6, 2.6.0 p1, 2.6.0 p2, 2.6.0 p3, 2.6.0 p5, 2.6.0 p6, 2.6.0 p7, 2.6.0 p8, 2.6.0 p9, 2.6.0 p11, 2.6.0 p12, 2.7, 2.7 Patch 7, 2.7.0 p1, 2.7.0 p2, 2.7.0 p3, 2.7.0 p4, 2.7.0 p5, 2.7.0 p6, 2.7.0 p7, 2.7.0 p9, 3, 3.0 Patch 5, 3.0.0 p1, 3.0.0 p2, 3.0.0 p3, 3.0.0 p4, 3.0.0 p5, 3.0.0 p6, 3.0.0 p7, 3.1, 3.1 Patch 3, 3.1.0 p1, 3.1.0 p3, 3.1.0 p4, 3.1.0 p5, 3.1.0 p6, 3.1.0 p7, 3.2, 3.2.0 p1, 3.2.0 p2, 3.3

Link to Product Website: https://www.cisco.com/

Tipo di software: Policy Management Software

Data di pubblicazione	Base	Temp	Vulnerabilità	0day	Oggi	Sfr	Con	CTI	CVE
03/04/2024	5.4	5.3	Cisco Identity Services Engine Software Web-based Management Interface cross site request forgery	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.02	CVE-2024-20368
03/04/2024	5.1	5.0	Cisco Identity Services Engine Software Web-based Management Interface escalazione di privilegi	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.07	CVE-2024-20332
01/11/2023	8.1	8.0	Cisco Identity Services Engine Software CLI escalazione di privilegi	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.04	CVE-2023-20175
01/11/2023	5.1	5.0	Cisco Identity Services Engine Software CLI escalazione di privilegi	$0-$5k	$0-$5k	Not Defined	Official Fix	0.02	CVE-2023-20170
01/11/2023	4.3	4.2	Cisco Identity Services Engine Software CDP denial of service	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2023-20213
01/11/2023	5.5	5.5	Cisco Identity Services Engine Software escalazione di privilegi	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.04	CVE-2023-20195
01/11/2023	5.5	5.5	Cisco Identity Services Engine Software escalazione di privilegi	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.02	CVE-2023-20196
02/11/2022	5.3	5.2	Cisco Identity Services Engine Software RADIUS denial of service	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2022-20937
15/01/2015	4.3	4.3	Cisco Identity Services Engine Software cross site scripting	$5k-$25k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2014-8022
22/12/2014	5.3	5.3	Cisco Identity Services Engine Software rivelazione di un 'informazione	$5k-$25k	$0-$5k	Not Defined	Not Defined	0.00	CVE-2014-8017