Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The RBAC implementation in Cisco Identity Services Engine (ISE) Software does not properly verify privileges for support-bundle downloads, which allows remote authenticated users to obtain sensitive information via a download action, as demonstrated by obtaining read access to the user database, aka Bug ID CSCul83904.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco Identity Services Engine 权限许可和访问控制漏洞
Vulnerability Description
Cisco Identity Services Engine(ISE)是美国思科(Cisco)公司的一款基于身份的环境感知平台(ISE身份服务引擎)。该平台通过收集网络、用户和设备中的实时信息,制定并实施相应策略来监管网络。 Cisco ISE Software的role-based访问控制代码存在权限许可和访问控制漏洞,该漏洞源于当下载支持包时,程序没有正确检查用户权限。远程攻击者可通过下载支持包利用该漏洞获取敏感信息,如读取用户数据库。
CVSS Information
N/A
Vulnerability Type
N/A