Cisco Identity Services Engine (ISE) 1.x before 1.1.1 allows remote attackers to bypass authentication, and read support-bundle configuration and credentials data, via a crafted session on TCP port 443, aka Bug ID CSCty20405.
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Identity_services_engine_software | Cisco | 1.0 (including) | 1.0 (including) |
Identity_services_engine_software | Cisco | 1.1 (including) | 1.1 (including) |