PT-2016-3705 · Cisco · Cisco Identity Services Engine

Publicado

2016-01-23

Atualizado

2016-12-07

CVE-2015-6317

CVSS v2.0

6.8

Média

Vetor

AV:N/AC:L/Au:S/C:N/I:C/A:N

Name of the Vulnerable Software and Affected Versions Cisco Identity Services Engine (ISE) versions prior to 2.0

Description The issue allows remote authenticated users to bypass intended web-resource access restrictions via a direct request.

Recommendations For versions prior to 2.0, update to version 2.0 or later to resolve the issue.

Correção

Improper Access Control

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

CVE-2015-6317

Cisco Identity Services Engine