CVE-2024-20515

Published Oct 2, 2024

Last updated a month ago

CVSS medium 6.5

Overview

Description: A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information from an affected device. This vulnerability is due to a lack of proper data protection mechanisms for certain configuration settings. An attacker with Read-Only Administrator privileges could exploit this vulnerability by browsing to a page that contains sensitive data. A successful exploit could allow the attacker to view device credentials that are normally not visible to Read-Only Administrators.
Source: ykramarz@cisco.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 6.5
Impact score: 3.6
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Severity: MEDIUM

Weaknesses

nvd@nist.gov: CWE-311
ykramarz@cisco.com: CWE-311

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:2.7.0:p8:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "77FB0B23-93CC-406D-A5A1-2D64B70DD2A0"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A1063044-BCD7-487F-9880-141C30547E36"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:p1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "919F03E1-3C26-4AD5-A4D4-0A9FC12F2DA4"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:p2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AFF28D10-F46D-4A72-9CD7-E90C72AC5163"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:p3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9B66744D-B23C-496F-AD88-BC108D529B7E"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:p4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BFDA4C27-F756-412E-A656-C4BAD2593BC0"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:p5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5BF45B59-85A3-436D-AB64-D4196B993491"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:p6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "22ECD75E-AA16-4E42-8B3F-1DE8876ED7C1"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:p7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EF68E608-E310-4834-97CD-E241539B83D8"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.0.0:p8:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A703F19F-DA6F-451D-BB96-BF3AAABA294C"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7A789B44-7E6C-4FE9-BD40-702A871AB8AC"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1.0:p1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AD40F3C5-2ABE-4CF0-84A1-D3FC8A23EC15"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1.0:p2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4B5E1B4B-E80D-4D0B-85A9-4DB451D6905D"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1.0:p3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "09214999-25AE-4DFF-86E3-111103A67796"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1.0:p4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9410E94D-BE64-49E7-9F0E-E0526EAE579D"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1.0:p5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F0DE77E8-223F-4391-ADDC-D0D612FAF606"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1.0:p6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6E039CEA-687E-42FB-B121-10C33C8A5065"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1.0:p7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DABCC131-0E81-4D99-8D93-3BEE4C03F62F"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1.0:p8:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "43478D6C-C818-4CB0-9530-4CE255162B16"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.2.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7932D5D5-83E1-4BEF-845A-D0783D4BB750"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.2.0:p1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6B067F31-F079-44B7-A5ED-AEE1F7AEC557"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.2.0:p2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC88D7D8-E3E5-44A4-97FB-48205B9321E9"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.2.0:p3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1BCAC7DA-7A02-47BC-BF10-8D1155509859"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.2.0:p4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CD4AC674-4CD2-4811-A5B3-AC2315D5F87F"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.2.0:p5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9E8B8992-B62E-4B32-B5E4-C6052F0B2903"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.2.0:p6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "614EE402-01B5-4A46-BDBF-06F7E1BAC91E"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.3.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F1B9C2C1-59A4-49A0-9B74-83CCB063E55D"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.3.0:p1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "16F1D103-C12C-4D18-92FD-6D47114D8A80"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.3.0:p2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F9479A46-5B98-4AF5-A6B7-9A46D1DFD043"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.3.0:p3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9D05EF91-229E-4C2F-9669-1D1EF756386E"
          },
          {
            "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.4.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D23905E0-E525-49B1-8E5F-4EB42D186768"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References