Identity services engine software
This hub aggregates every CVE we track for Identity services engine software, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.
49
CVEs tracked
3
Critical
4
High
0
In CISA KEV
Severity distribution
MEDIUM41HIGH4CRITICAL3LOW1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Identity services engine software.
- CVE-2019-15282Cisco Identity Services Engine Information Disclosure Vulnerability5.3
- CVE-2019-15281Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability4.8
- CVE-2018-15463Cisco Identity Services Engine Multiple Cross-Site Scripting Vulnerabilities6.1
- CVE-2018-15440Cisco Identity Services Engine Multiple Cross-Site Scripting Vulnerabilities6.1
- CVE-2018-0413A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack a...8.8
- CVE-2018-0339A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against ...6.1
- CVE-2018-0327A vulnerability in the web framework of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web...6.1
- CVE-2018-0289A vulnerability in the logs component of Cisco Identity Services Engine could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability is due to improper...6.1
- CVE-2017-12316A vulnerability in the Guest Portal login page of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to perform multiple login attempts in excess of the configured...7.5
- CVE-2017-3835A vulnerability in the sponsor portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to access notices owned by other users, because of SQL Injection. More In...8.8
- CVE-2016-9214Cisco Identity Services Engine (ISE) contains a vulnerability that could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interfa...6.1
- CVE-2016-1485Cross-site scripting (XSS) vulnerability in Cisco Identity Services Engine 1.3(0.876) allows remote attackers to inject arbitrary web script or HTML via crafted parameters, aka Bug ID CSCva46497.6.1
- CVE-2016-1402The Active Directory (AD) integration component in Cisco Identity Service Engine (ISE) before 1.2.0.899 patch 7, when AD group-membership authorization is enabled, allows remote attackers to cause ...7.5
- CVE-2015-6317Cisco Identity Services Engine (ISE) before 2.0 allows remote authenticated users to bypass intended web-resource access restrictions via a direct request, aka Bug ID CSCuu45926.6.5
- CVE-2015-6323The Admin portal in Cisco Identity Services Engine (ISE) 1.1.x, 1.2.0 before patch 17, 1.2.1 before patch 8, 1.3 before patch 5, and 1.4 before patch 4 allows remote attackers to obtain administrat...9.8
Product normalization is registry-driven with AI assist and human review. How it works