CVE-2022-20956
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to bypass authorization and access system files. This vulnerability is due to improper access control in the web-based management interface of an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to list, download, and delete certain files that they should not have access to. Cisco plans to release software updates that address this vulnerability. https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-access-contol-EeufSUCx ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-access-contol-EeufSUCx"]
EPSS 0.27% · 51.0th percentile
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| cisco | identity_services_engine | 3.2, 3.1, 3.1 |
| Cisco | Cisco Identity Services Engine Software | 3.1.0 p1, 3.1.0 p3, 3.2.0 |
Exploit Intelligence
Timeline
- Nov 3, 2022 CVE Published
- Nov 5, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Jan 30, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 15, 2023 EPSS Score
- Apr 27, 2023 EPSS Score
- Jun 9, 2023 EPSS Score
- Jul 22, 2023 EPSS Score
- Sep 3, 2023 EPSS Score
- Oct 16, 2023 EPSS Score
- Nov 29, 2023 EPSS Score
References
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-csrf-vgNtTpAs advisory
- cisco-sa-ise-access-contol-EeufSUCx url
- https://nvd.nist.gov/vuln/detail/CVE-2022-20956 advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-access-contol-EeufSUCx url
- https://yoroi.company/en/research/cve-advisory-full-disclosure-cisco-ise-broken-access-control url