Cisco · Cisco Identity Services Engine · CVE-2012-3908
**Name of the Vulnerable Software and Affected Versions**
Cisco Identity Services Engine (ISE) versions prior to 1.1.0.665 Cumulative Patch 1
**Description**
The issue affects the ISE Administrator user interface, also known as the Apache Tomcat interface, on Cisco Identity Services Engine (ISE) 3300 series appliances. It involves multiple cross-site request forgery (CSRF) vulnerabilities that allow remote attackers to hijack the authentication of administrators.
**Recommendations**
For versions prior to 1.1.0.665 Cumulative Patch 1, apply Cumulative Patch 1 to resolve the issue.