Vulnerability Details CVE-2024-20476
A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to bypass the authorization mechanisms for specific file management functions.
This vulnerability is due to lack of server-side validation of Administrator permissions. An attacker could exploit this vulnerability by submitting a crafted HTTP request to an affected system. A successful exploit could allow the attacker to upload files to a location that should be restricted. To exploit this vulnerability, an attacker would need valid Read-Only Administrator credentials.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 5.5%
CVSS Severity
CVSS v3 Score 4.3
Products affected by CVE-2024-20476
-
cpe:2.3:a:cisco:identity_services_engine:-
-
cpe:2.3:a:cisco:identity_services_engine:002.002(000.916)
-
cpe:2.3:a:cisco:identity_services_engine:002.003(000.906)
-
cpe:2.3:a:cisco:identity_services_engine:002.004(000.911)
-
cpe:2.3:a:cisco:identity_services_engine:002.004(000.914)
-
cpe:2.3:a:cisco:identity_services_engine:002.006(000.156)
-
cpe:2.3:a:cisco:identity_services_engine:002.006(000.902)
-
cpe:2.3:a:cisco:identity_services_engine:002.007(000.356)
-
cpe:2.3:a:cisco:identity_services_engine:003.000(000.458)
-
cpe:2.3:a:cisco:identity_services_engine:1.0
-
cpe:2.3:a:cisco:identity_services_engine:1.0.4
-
cpe:2.3:a:cisco:identity_services_engine:1.1
-
cpe:2.3:a:cisco:identity_services_engine:1.1.1
-
cpe:2.3:a:cisco:identity_services_engine:1.1.2
-
cpe:2.3:a:cisco:identity_services_engine:1.1.3
-
cpe:2.3:a:cisco:identity_services_engine:1.1.4
-
cpe:2.3:a:cisco:identity_services_engine:1.2
-
cpe:2.3:a:cisco:identity_services_engine:1.2(1.199)
-
cpe:2.3:a:cisco:identity_services_engine:1.2.1
-
cpe:2.3:a:cisco:identity_services_engine:1.3
-
cpe:2.3:a:cisco:identity_services_engine:1.3(0.722)
-
cpe:2.3:a:cisco:identity_services_engine:1.3(0.876)
-
cpe:2.3:a:cisco:identity_services_engine:1.3(0.909)
-
cpe:2.3:a:cisco:identity_services_engine:1.3(106.146)
-
cpe:2.3:a:cisco:identity_services_engine:1.3(120.135)
-
cpe:2.3:a:cisco:identity_services_engine:1.4
-
cpe:2.3:a:cisco:identity_services_engine:1.4(0.109)
-
cpe:2.3:a:cisco:identity_services_engine:1.4(0.181)
-
cpe:2.3:a:cisco:identity_services_engine:1.4(0.253)
-
cpe:2.3:a:cisco:identity_services_engine:1.4(0.908)
-
cpe:2.3:a:cisco:identity_services_engine:2.0
-
cpe:2.3:a:cisco:identity_services_engine:2.0(0.147)
-
cpe:2.3:a:cisco:identity_services_engine:2.0(0.169)
-
cpe:2.3:a:cisco:identity_services_engine:2.0(0.222)
-
cpe:2.3:a:cisco:identity_services_engine:2.0(0.234)
-
cpe:2.3:a:cisco:identity_services_engine:2.0(0.249)
-
cpe:2.3:a:cisco:identity_services_engine:2.0(0.306)
-
cpe:2.3:a:cisco:identity_services_engine:2.0(1.130)
-
cpe:2.3:a:cisco:identity_services_engine:2.0.1
-
cpe:2.3:a:cisco:identity_services_engine:2.1
-
cpe:2.3:a:cisco:identity_services_engine:2.1(0.474)
-
cpe:2.3:a:cisco:identity_services_engine:2.1(0.476)
-
cpe:2.3:a:cisco:identity_services_engine:2.1(0.800)
-
cpe:2.3:a:cisco:identity_services_engine:2.1(0.904)
-
cpe:2.3:a:cisco:identity_services_engine:2.1(0.907)
-
cpe:2.3:a:cisco:identity_services_engine:2.1(102.101)
-
cpe:2.3:a:cisco:identity_services_engine:2.1(102.103)
-
cpe:2.3:a:cisco:identity_services_engine:2.1.0
-
cpe:2.3:a:cisco:identity_services_engine:2.1_base
-
cpe:2.3:a:cisco:identity_services_engine:2.2
-
cpe:2.3:a:cisco:identity_services_engine:2.2(0.283)
-
cpe:2.3:a:cisco:identity_services_engine:2.2(0.470)
-
cpe:2.3:a:cisco:identity_services_engine:2.2(0.471)
-
cpe:2.3:a:cisco:identity_services_engine:2.2(0.903)
-
cpe:2.3:a:cisco:identity_services_engine:2.2(0.909)
-
cpe:2.3:a:cisco:identity_services_engine:2.2(0.910)
-
cpe:2.3:a:cisco:identity_services_engine:2.2(1.145)
-
cpe:2.3:a:cisco:identity_services_engine:2.2.0
-
cpe:2.3:a:cisco:identity_services_engine:2.2.0.470
-
cpe:2.3:a:cisco:identity_services_engine:2.3
-
cpe:2.3:a:cisco:identity_services_engine:2.3(0.151)
-
cpe:2.3:a:cisco:identity_services_engine:2.3(0.298)
-
cpe:2.3:a:cisco:identity_services_engine:2.3(0.904)
-
cpe:2.3:a:cisco:identity_services_engine:2.3(0.905)
-
cpe:2.3:a:cisco:identity_services_engine:2.3.0
-
cpe:2.3:a:cisco:identity_services_engine:2.3.0.298
-
cpe:2.3:a:cisco:identity_services_engine:2.4
-
cpe:2.3:a:cisco:identity_services_engine:2.4(0.192)
-
cpe:2.3:a:cisco:identity_services_engine:2.4(0.247)
-
cpe:2.3:a:cisco:identity_services_engine:2.4(0.357)
-
cpe:2.3:a:cisco:identity_services_engine:2.4(0.901)
-
cpe:2.3:a:cisco:identity_services_engine:2.4(0.901.1)
-
cpe:2.3:a:cisco:identity_services_engine:2.4(0.902)
-
cpe:2.3:a:cisco:identity_services_engine:2.4(0.903)
-
cpe:2.3:a:cisco:identity_services_engine:2.4(0.904)
-
cpe:2.3:a:cisco:identity_services_engine:2.4(100.159)
-
cpe:2.3:a:cisco:identity_services_engine:2.4.0
-
cpe:2.3:a:cisco:identity_services_engine:2.4.0.357
-
cpe:2.3:a:cisco:identity_services_engine:2.5
-
cpe:2.3:a:cisco:identity_services_engine:2.5(0.1)
-
cpe:2.3:a:cisco:identity_services_engine:2.5(0.225)
-
cpe:2.3:a:cisco:identity_services_engine:2.5(0.353)
-
cpe:2.3:a:cisco:identity_services_engine:2.6
-
cpe:2.3:a:cisco:identity_services_engine:2.6(0.156)
-
cpe:2.3:a:cisco:identity_services_engine:2.6(0.999)
-
cpe:2.3:a:cisco:identity_services_engine:2.6.0
-
cpe:2.3:a:cisco:identity_services_engine:2.6.0.156
-
cpe:2.3:a:cisco:identity_services_engine:2.7
-
cpe:2.3:a:cisco:identity_services_engine:2.7(0.207)
-
cpe:2.3:a:cisco:identity_services_engine:2.7(0.356)
-
cpe:2.3:a:cisco:identity_services_engine:2.7(0.903)
-
cpe:2.3:a:cisco:identity_services_engine:2.7.0
-
cpe:2.3:a:cisco:identity_services_engine:2.7.0.356
-
cpe:2.3:a:cisco:identity_services_engine:3.0(0.458)
-
cpe:2.3:a:cisco:identity_services_engine:3.0.0
-
cpe:2.3:a:cisco:identity_services_engine:3.1.0
-
cpe:2.3:a:cisco:identity_services_engine:3.2.0
-
cpe:2.3:a:cisco:identity_services_engine:3.3.0