CVE-2018-0213

Name of the Vulnerable Software and Affected Versions: Cisco Identity Services Engine (ISE) (affected versions not specified)

Description: A issue in the credential reset functionality could allow an authenticated, remote attacker to gain elevated privileges due to a lack of proper input validation. The attacker must have valid user credentials to exploit this. By sending a crafted HTTP request after authenticating to the device, a successful exploit could allow the attacker to access restricted functionality.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this issue.