PT-2011-4372 · Cisco+1 · Cisco Identity Services Engine+1

Published

2011-09-21

Updated

2017-08-29

CVE-2011-3290

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Cisco Identity Services Engine (ISE) versions prior to 1.0.4.MR2

Description The issue allows remote attackers to modify settings or perform other administrative actions due to default Oracle database credentials.

Recommendations For versions prior to 1.0.4.MR2, update to version 1.0.4.MR2 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-255

Related Identifiers

CVE-2011-3290

Affected Products

Cisco Identity Services Engine

Oracle Database

PT-2011-4372 · Cisco+1 · Cisco Identity Services Engine+1

CVE-2011-3290

Weakness Enumeration

Related Identifiers

Affected Products

References · 6