CVE-2018-0275

Name of the Vulnerable Software and Affected Versions: Cisco Identity Services Engine (ISE) versions prior to 2.2.0.470

Description: A vulnerability in the support tunnel feature could allow an authenticated, local attacker to access the device's shell due to improper configuration. An attacker could exploit this by tricking the device into unlocking the support user account, accessing the tunnel password and device serial number, and then running any system command with root access.

Recommendations: For versions prior to 2.2.0.470, update to version 2.2.0.470 or later to resolve the issue. As a temporary workaround, consider restricting access to the support tunnel feature until a patch is applied.