CVE-2023-20194 Vulnerability Analysis & Exploit Details

CVE-2023-20194 Vulnerability Summary

CVE-2023-20194: A vulnerability in the ERS API of Cisco ISE could allow an authenticated, remote attacker to read arbitrary files on the underlying operating system of an affected device. To exploit this vulnerability, an attacker must have valid Administrator-level privileges on the affected device. This vulnerability is due to improper privilege management in the ERS API. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to elevate their privileges beyond the sphere of their intended access level, which would allow them to obtain sensitive information from the underlying operating system. Note: The ERS is not enabled by default. To verify the status of the ERS API in the Admin GUI, choose Administration > Settings > API Settings > API Service Settings.

Exploit Prediction Scoring System (EPSS)

The EPSS score estimates the probability that this vulnerability will be exploited in the near future.

EPSS Score: 0.078% (probability of exploit)

EPSS Percentile: 36.95% (lower percentile = lower relative risk)
This vulnerability is less risky than approximately 63.05% of others.

CVE-2023-20194 References

External References

• https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-priv-esc-KJLp2Aw
• https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-priv-esc-KJLp2Aw

CWE Common Weakness Enumeration

CAPEC Common Attack Pattern Enumeration and Classification

• Privilege Abuse CAPEC-122 An adversary is able to exploit features of the target that should be reserved for privileged users or administrators but are exposed to use by lower or non-privileged accounts. Access to sensitive information and functionality must be controlled to ensure that only authorized users are able to access these resources.
• Privilege Escalation CAPEC-233 An adversary exploits a weakness enabling them to elevate their privilege and perform an action that they are not supposed to be authorized to perform.
• Restful Privilege Elevation CAPEC-58 An adversary identifies a Rest HTTP (Get, Put, Delete) style permission method allowing them to perform various malicious actions upon server data due to lack of access control mechanisms implemented within the application service accepting HTTP messages.

Vulnerable Configurations

• cpe:2.3:a:cisco:identity_services_engine:-:*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:-:*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:1.0:*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:1.0:*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:1.0.4:*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:1.0.4:*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:1.1:*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:1.1:*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:1.1.1:*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:1.1.1:*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:1.1.2:*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:1.1.2:*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:1.1.3:*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:1.1.3:*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:1.1.4:*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:1.1.4:*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:1.2:*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:1.2:*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:1.2.1:*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:1.2.1:*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:1.2\(1.199\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:1.2\(1.199\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:1.3:*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:1.3:*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:1.3\(0.722\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:1.3\(0.722\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:1.3\(0.876\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:1.3\(0.876\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:1.3\(0.909\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:1.3\(0.909\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:1.3\(106.146\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:1.3\(106.146\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:1.3\(120.135\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:1.3\(120.135\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:1.4:*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:1.4:*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:1.4\(0.109\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:1.4\(0.109\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:1.4\(0.181\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:1.4\(0.181\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:1.4\(0.253\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:1.4\(0.253\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:1.4\(0.908\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:1.4\(0.908\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.0:*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.0:*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.0\(0.147\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.0\(0.147\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.0\(0.169\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.0\(0.169\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.0\(0.222\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.0\(0.222\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.0\(0.234\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.0\(0.234\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.0\(0.249\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.0\(0.249\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.0\(0.306\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.0\(0.306\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.0.1:*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.0.1:*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.0\(1.130\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.0\(1.130\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.1:*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.1:*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.1.0:*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.1.0:*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.1\(0.474\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.1\(0.474\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.1\(0.476\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.1\(0.476\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.1\(0.800\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.1\(0.800\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.1\(0.904\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.1\(0.904\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.1\(0.907\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.1\(0.907\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.1\(102.101\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.1\(102.101\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.1\(102.103\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.1\(102.103\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2:*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2:*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2.0:-:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2.0:-:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2\(0.283\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2\(0.283\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:-:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:-:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2\(0.470\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2\(0.470\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch1:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch1:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch10:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch10:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch11:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch11:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch12:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch12:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch13:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch13:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch14:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch14:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch15:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch15:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch16:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch16:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch2:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch2:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch3:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch3:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch4:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch4:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch5:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch5:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch6:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch6:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch7:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch7:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch8:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch8:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch9:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch9:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2\(0.471\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2\(0.471\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2\(0.903\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2\(0.903\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2\(0.909\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2\(0.909\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2\(0.910\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2\(0.910\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2.0:patch1:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2.0:patch1:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2.0:patch10:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2.0:patch10:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2.0:patch12:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2.0:patch12:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2.0:patch13:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2.0:patch13:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2.0:patch14:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2.0:patch14:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2.0:patch15:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2.0:patch15:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2.0:patch16:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2.0:patch16:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2.0:patch17:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2.0:patch17:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2.0:patch2:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2.0:patch2:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2.0:patch3:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2.0:patch3:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2.0:patch4:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2.0:patch4:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2.0:patch5:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2.0:patch5:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2.0:patch6:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2.0:patch6:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2.0:patch7:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2.0:patch7:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2.0:patch8:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2.0:patch8:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2.0:patch9:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2.0:patch9:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.2\(1.145\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.2\(1.145\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.3:*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.3:*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.3.0:-:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.3.0:-:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.3\(0.151\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.3\(0.151\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.3.0.298:-:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.3.0.298:-:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.3\(0.298\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.3\(0.298\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.3.0.298:patch1:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.3.0.298:patch1:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.3.0.298:patch2:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.3.0.298:patch2:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.3.0.298:patch3:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.3.0.298:patch3:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.3.0.298:patch4:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.3.0.298:patch4:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.3.0.298:patch5:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.3.0.298:patch5:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.3.0.298:patch6:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.3.0.298:patch6:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.3.0.298:patch7:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.3.0.298:patch7:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.3\(0.904\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.3\(0.904\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.3\(0.905\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.3\(0.905\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.3.0:patch1:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.3.0:patch1:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.3.0:patch2:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.3.0:patch2:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.3.0:patch3:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.3.0:patch3:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.3.0:patch4:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.3.0:patch4:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.3.0:patch5:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.3.0:patch5:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.3.0:patch6:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.3.0:patch6:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.3.0:patch7:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.3.0:patch7:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4:*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4:*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4.0:-:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4.0:-:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4\(0.192\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4\(0.192\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4\(0.247\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4\(0.247\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:-:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:-:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4\(0.357\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4\(0.357\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:patch1:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:patch1:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:patch10:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:patch10:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:patch11:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:patch11:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:patch12:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:patch12:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:patch2:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:patch2:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:patch3:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:patch3:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:patch4:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:patch4:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:patch5:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:patch5:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:patch6:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:patch6:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:patch7:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:patch7:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:patch8:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:patch8:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:patch9:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:patch9:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4\(0.901\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4\(0.901\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4\(0.901.1\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4\(0.901.1\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4\(0.902\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4\(0.902\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4\(0.903\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4\(0.903\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4\(0.904\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4\(0.904\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:002.004\(000.914\):-:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:002.004\(000.914\):-:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4.0:patch1:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4.0:patch1:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4.0:patch10:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4.0:patch10:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4.0:patch11:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4.0:patch11:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4.0:patch12:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4.0:patch12:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4.0:patch13:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4.0:patch13:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4.0:patch14:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4.0:patch14:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4.0:patch2:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4.0:patch2:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4.0:patch3:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4.0:patch3:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4.0:patch4:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4.0:patch4:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4.0:patch5:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4.0:patch5:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4.0:patch6:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4.0:patch6:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4.0:patch7:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4.0:patch7:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4.0:patch8:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4.0:patch8:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4.0:patch9:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4.0:patch9:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4.0:patch_11:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4.0:patch_11:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.4\(100.159\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.4\(100.159\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.5:*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.5:*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.5\(0.1\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.5\(0.1\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.5\(0.225\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.5\(0.225\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.5\(0.353\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.5\(0.353\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.6:*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.6:*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.6.0:-:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.6.0:-:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.6\(0.156\):*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.6\(0.156\):*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:002.006\(000.156\):-:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:002.006\(000.156\):-:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.6.0.156:patch1:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.6.0.156:patch1:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.6.0.156:patch2:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.6.0.156:patch2:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.6.0.156:patch3:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.6.0.156:patch3:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.6.0.156:patch5:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.6.0.156:patch5:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.6.0.156:patch6:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.6.0.156:patch6:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.6.0.156:patch7:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.6.0.156:patch7:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.6\(0.999\):-:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.6\(0.999\):-:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch1:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch1:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch10:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch10:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch11:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch11:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch12:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch12:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch2:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch2:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch3:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch3:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch4:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch4:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch5:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch5:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch6:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch6:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch7:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch7:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch8:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch8:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch9:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch9:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:2.7:*:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:2.7:*:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:3.0.0:-:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:3.0.0:-:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch1:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch1:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch2:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch2:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch3:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch3:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch4:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch4:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch5:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch5:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch6:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch6:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch7:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch7:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:3.1:-:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:3.1:-:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:3.1:patch1:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:3.1:patch1:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:3.1:patch3:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:3.1:patch3:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:3.1:patch4:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:3.1:patch4:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:3.1:patch5:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:3.1:patch5:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:3.1:patch6:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:3.1:patch6:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:3.1:patch7:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:3.1:patch7:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:3.2:-:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:3.2:-:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:3.2:patch1:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:3.2:patch1:*:*:*:*:*:*
• cpe:2.3:a:cisco:identity_services_engine:3.2:patch2:*:*:*:*:*:*
  cpe:2.3:a:cisco:identity_services_engine:3.2:patch2:*:*:*:*:*:*

Other 5 Recently Published CVEs Vulnerabilities

• CVE-2025-3799 – A vulnerability, which was classified as critical, was found in WCMS 11. Affected is an unknown function of the file app/controllers/AnonymousContr...
• CVE-2025-3798 – A vulnerability, which was classified as critical, has been found in WCMS 11. This issue affects the function sub of the file app/admin/AdvadminCon...
• CVE-2025-3661 – The SB Chart block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘className’ parameter in all versions up to, and inclu...
• CVE-2025-3404 – The Download Manager plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the savePackage func...
• CVE-2021-4455 – The Wordpress Plugin Smart Product Review plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all v...