CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-20172

Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to delete or read arbitrary files on the underlying operating system. To exploit these vulnerabilities, an attacker must have valid credentials on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 31.1%

CVSS Severity

CVSS v3 Score 5.4

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-file-delete-read-PK5ghDDd
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-file-delete-read-PK5ghDDd

Products affected by CVE-2023-20172

Cisco » Identity Services Engine » Version: 3.1

cpe:2.3:a:cisco:identity_services_engine:3.1
Cisco » Identity Services Engine » Version: 3.2

cpe:2.3:a:cisco:identity_services_engine:3.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-20172

Products

Pricing

Contact Us