CVE-2021-34738 — Vulnetix

CVE-2021-34738 PUBLISHED CVSS 6.099999904632568 MEDIUM

Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. For more information about these vulnerabilities, see the Details section of this advisory.

EPSS 0.32% · 55.1th percentile

Risk Scores

CVSS 3.1

6.099999904632568

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS Score

0.32%

55.1th percentile

Affected Products

Vendor	Product	Versions
Cisco	Cisco Identity Services Engine Software	*
cisco	identity_services_engine	0, 2.6.0, 2.6.0

Exploit Intelligence

20211020 Cisco Identity Services Engine Cross-Site Scripting Vulnerabilities (circl)

Timeline

Oct 21, 2021 EPSS Score
Oct 21, 2021 CVE Published
Dec 16, 2021 EPSS Score
Jan 6, 2022 EPSS Score
Feb 4, 2022 EPSS Score
Apr 1, 2022 EPSS Score
Apr 8, 2022 EPSS Score
Jun 3, 2022 EPSS Score
Jul 30, 2022 EPSS Score
Sep 24, 2022 EPSS Score
Nov 20, 2022 EPSS Score
Jan 15, 2023 EPSS Score

References

20211020 Cisco Identity Services Engine Cross-Site Scripting Vulnerabilities vendor-advisory
https://nvd.nist.gov/vuln/detail/CVE-2021-34738 advisory

Open in Interactive Console →