Jan Kadijk

**Name of the Vulnerable Software and Affected Versions** Xangati XSR versions prior to 11 Xangati XNR versions prior to 7 **Description** The issue allows remote attackers to read arbitrary files via a .. (dot dot) in various parameters. This can be achieved through several API endpoints, including: "getUpgradeStatus" action to "servlet/MGConfigData" using the `file` parameter, "download" action to "servlet/MGConfigData" using the `download` parameter, "port svc" action to "servlet/MGConfigData" using the `download` parameter, "getfile" action to "servlet/Installer" using the `file` parameter, and "servlet/MGConfigData" using the `binfile` parameter. **Recommendations** For Xangati XSR versions prior to 11, update to version 11 or later. For Xangati XNR versions prior to 7, update to version 7 or later. As a temporary workaround, consider restricting access to the affected servlets and parameters until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Xangati XSR versions prior to 11 Xangati XNR versions prior to 7 **Description** The issue allows remote attackers to execute arbitrary commands. This is achieved by using shell metacharacters in a `gui input test.pl` `params` parameter to the "servlet/Installer" endpoint. **Recommendations** For Xangati XSR versions prior to 11, update to version 11 or later. For Xangati XNR versions prior to 7, update to version 7 or later.

**Name of the Vulnerable Software and Affected Versions** Cisco Identity Services Engine (ISE) versions 1.0 through 1.1.0 before 1.1.0.665-5 Cisco Identity Services Engine (ISE) version 1.1.1 before 1.1.1.268-7 Cisco Identity Services Engine (ISE) version 1.1.2 before 1.1.2.145-10 Cisco Identity Services Engine (ISE) version 1.1.3 before 1.1.3.124-7 Cisco Identity Services Engine (ISE) version 1.1.4 before 1.1.4.218-7 Cisco Identity Services Engine (ISE) version 1.2 before 1.2.0.899-2 **Description** The web framework in Cisco Identity Services Engine (ISE) allows remote authenticated users to execute arbitrary commands via a crafted session on TCP port 443. **Recommendations** For version 1.0, update to a version after 1.1.0.665-5. For version 1.1.0, update to 1.1.0.665-5 or later. For version 1.1.1, update to 1.1.1.268-7 or later. For version 1.1.2, update to 1.1.2.145-10 or later. For version 1.1.3, update to 1.1.3.124-7 or later. For version 1.1.4, update to 1.1.4.218-7 or later. For version 1.2, update to 1.2.0.899-2 or later.