Multiple Vulnerabilities in Cisco Identity Services Engine (ISE)
Indian - Computer Emergency Response Team (cert-in.org.in)
Severity Rating: HIGH
Software Affected
Cisco Identity Services Engine
Overview
Multiple vulnerabilities have been reported in Cisco ISE which could allow a remote attacker to inject arbitrary operating system commands, bypass security protections, and conduct cross-site scripting attacks on the targeted system.
Description
1. Command Injection Vulnerability (CVE-2022-20964)
This vulnerability exists in Cisco ISE due to improper validation of user input in requests to the tcpdump feature of the web-based management interface. A remote attacker could exploit this vulnerability by manipulating requests to the web-based management interface so that they contain operating system commands.
Successful exploitation of this vulnerability could allow the attacker to inject and execute arbitrary commands on the system with root privileges.
2. Security Bypass Vulnerability (CVE-2022-20965)
This vulnerability exists in Cisco ISE due to improper access control on a feature within the web-based management interface. An attacker could exploit this vulnerability by bypassing checks within the application through direct requests to the affected system.
Successful exploitation of this vulnerability could allow the attacker to perform privileged actions within the web-based management interface that should otherwise be restricted.
3. Cross-Site Scripting Vulnerabilities (CVE-2022-20966, CVE-2022-20967)
These vulnerabilities exist in the web-based management interface of Cisco ISE due to improper validation of input to an application feature before storage within the web-based management interface tcpdump feature. An attacker could exploit these vulnerabilities by creating entries that contain malicious HTML or script code within the application interface (URL).
Successful exploitation of these vulnerabilities could allow the attacker to store malicious HTML or script code within the application interface for use in further cross-site scripting attacks.
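For the command injection issue in item 1, the following added example (not taken from Cisco ISE or from this advisory) contrasts a capture command assembled as a shell string with one built as a validated argument list. The function names, request fields and allow-lists are assumptions chosen for illustration, and the sample inputs are constructed.

```python
import re

# Assumed allow-lists for a hypothetical packet-capture form (not Cisco ISE code).
# Interface: starts with a letter, at most 15 characters (Linux IFNAMSIZ - 1).
IFACE_RE = re.compile(r"[A-Za-z][A-Za-z0-9_.-]{0,14}")
# Filter: BPF keywords, addresses and grouping only; no '-', ';', '$', quotes or backticks.
FILTER_RE = re.compile(r"[A-Za-z0-9 .:/()\[\]]{0,200}")
MAX_PACKETS = 10000


def vulnerable_command(iface, bpf_filter):
    """Anti-pattern: request fields pasted into a string that a shell will parse."""
    return f"tcpdump -i {iface} -c 100 {bpf_filter}"


def build_tcpdump_argv(iface, bpf_filter, count):
    """Return an argv list for subprocess.run(argv, shell=False); raise ValueError on bad input."""
    if not IFACE_RE.fullmatch(iface):
        # Also blocks values starting with '-', which tcpdump would read as options.
        raise ValueError("invalid interface name")
    if not FILTER_RE.fullmatch(bpf_filter):
        raise ValueError("invalid characters in capture filter")
    if isinstance(count, bool) or not isinstance(count, int):
        raise ValueError("packet count must be an integer")
    if not 1 <= count <= MAX_PACKETS:
        raise ValueError("packet count out of range")
    argv = ["tcpdump", "-n", "-i", iface, "-c", str(count)]
    if bpf_filter.strip():
        # The whole filter travels as one argv element; no shell ever splits it.
        argv.append(bpf_filter.strip())
    return argv


def is_rejected(iface, bpf_filter, count=100):
    """True when the validator refuses the request."""
    try:
        build_tcpdump_argv(iface, bpf_filter, count)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    # Constructed inputs: one ordinary request, one carrying a shell separator.
    print(build_tcpdump_argv("eth0", "host 10.0.0.1 and port 443", 50))
    print(vulnerable_command("eth0; id", ""))  # the separator survives into the string
    print(is_rejected("eth0; id", ""))
```

Validation alone is not the control here: the argument list removes the shell from the path, and the allow-lists additionally stop option-style values from reaching tcpdump.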
Solution
Apply appropriate updates as mentioned in:
Vendor Information
CISCO
References
CISCO
CVE Name
CVE-2022-20964
CVE-2022-20965
CVE-2022-20966
CVE-2022-20967