CVE-2017-6733

Name of the Vulnerable Software and Affected Versions Cisco Identity Services Engine (ISE) versions 2.1(102.101) through 2.3(0.151)

Description A stored cross-site scripting (XSS) attack could be conducted by an unauthenticated, remote attacker against a user of the web interface of an affected system, due to a vulnerability in the web-based application interface of the Cisco Identity Services Engine (ISE) portal.

Recommendations For versions 2.1(102.101) through 2.3(0.151), update to a fixed version to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.