Sebastian Radulea

**Name of the Vulnerable Software and Affected Versions** Cisco ISE (affected versions not specified) **Description** A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to modify parts of the configuration on an affected device. This issue is due to the lack of server-side validation of Administrator permissions. An attacker could exploit this by submitting a crafted HTTP request to an affected system, potentially allowing modification of descriptions of files on a specific page. To exploit this, an attacker would need valid read-only Administrator credentials. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Identity Services Engine (affected versions not specified) **Description** A vulnerability in an API of Cisco ISE could allow an authenticated, remote attacker to execute arbitrary commands as the root user on an affected device. This issue is due to insecure deserialization of user-supplied Java byte streams by the affected software. An attacker could exploit this vulnerability by sending a crafted serialized Java object to an affected API. A successful exploit could allow the attacker to execute arbitrary commands on the device and elevate privileges. Note that to successfully exploit this vulnerability, the attacker must have valid read-only administrative credentials. It is estimated that over 45,000 organizations worldwide may be affected. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco ISE versions (affected versions not specified) **Description** A lack of authorization in a specific API and improper validation of user-supplied data could allow an authenticated, remote attacker with valid read-only credentials to obtain sensitive information, change node configurations, and restart the node. The attacker could exploit this issue by sending a crafted HTTP request to a specific API on the device. A successful exploit could allow the attacker to obtain information, modify system configuration, and reload the device. This issue could be exploited by an attacker with valid read-only administrative credentials. It is estimated that over 45,000 organizations worldwide could be affected. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco ISE (affected versions not specified) **Description** A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to bypass the authorization mechanisms for specific file management functions. This is due to a lack of server-side validation of Administrator permissions. An attacker could exploit this vulnerability by submitting a crafted HTTP request to an affected system, potentially allowing them to upload files to restricted locations. The attacker would need valid Read-Only Administrator credentials to exploit this vulnerability. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco ISE (affected versions not specified) **Description** A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to conduct a stored XSS attack against a user of the interface. This issue is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have at least a low-privileged account on an affected device. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Unica (affected versions not specified) **Description** The Unica application exposes an API which accepts arbitrary XML input. By manipulating the given XML, an authenticated attacker with certain rights can successfully perform XML External Entity attacks (XXE) against the backend service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.