[c-nsp] Cisco Security Advisory: Cisco Identity Services Engine Unauthorized Access Vulnerability

Cisco Systems Product Security Incident Response Team psirt at cisco.com
Wed Jan 13 11:46:48 EST 2016


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Cisco Identity Services Engine Unauthorized Access Vulnerability

Advisory ID: cisco-sa-20160113-ise

Revision: 1.0

For Public Release 2016 January 13 16:00  GMT


+---------------------------------------------------------------------

Summary
+======

A vulnerability in the Admin portal of devices running Cisco Identity Services Engine (ISE) software could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device.

An attacker who can connect to the Admin portal of an affected device could potentially exploit this vulnerability. A successful exploit may result in a complete compromise of the affected device. Customers are advised to apply a patch or upgrade to a version of Cisco ISE software that resolves this vulnerability.

Cisco has released software updates that address this vulnerability.

There are no workarounds that address this vulnerability. 

This advisory is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-ise


-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org

iQIcBAEBCAAGBQJWlny2AAoJEIpI1I6i1Mx3eEcQAIRqkvk1kK4y5bDKzv0T5Gqu
kBIqY0e4nyGdj6p3K7+o4TEv388pGrlwlPT9TUnyvreHJ/MQ2h+5q+ekowYrDUEB
mapfb8gU3x28NXKZJQNK2m6SEKroTFT/vhzalMUZNJz8XLHYR+10XC4T7TXfHs77
qAj1BC3NaKMzUO3kVxvG65qgo5i9sdD4yBPmPvVzk4s4WPh2yhc7eFO/qeoayIyV
EXpI6YaegO5mArV9qhqTpz+/uoaDhQ7FP+ZaNuV0qylcgkZAjFS7sw6PtfLKiUMH
BUGccr4FI8nGB5DR3xZhOWbXpWrcOUSzkpjwC1Ip1zkK8ievBXgG3EiZbmbEZgVN
R3XXy4c1gTE+WiDEGBAeeU++HPr3R8/ZYsKueam6cmRXziLQj2o1L3nTu6XCdqI2
Qi4RcgC3pHJwjVSjM7NJcdGUmEabmvf5v0Hm8lXSyklHcNHXi3oAZgJJ4fQAeuIY
MiwJvZCiZ8rlf8V6n1RWa6z5KPiHNxhyAMWdCi5ObkjIHx/Bc9SchvGO8EvLY30e
5CJcIqmNmbs0O+WrdZPdpcz+yHHK2j5l0M/Zs8+h4+jJdiINeV/KpKQkfv+Y0wsg
MiBk88gLpyCWXPHcpSx4pObmuMj/uAJs/J1e+LMhc6WDQ9hjUV6Gu5jgDdc9arPD
VFOybhYGwVeOBSRVwndo
=HUXg
-----END PGP SIGNATURE-----


More information about the cisco-nsp mailing list