CVE-2022-20819

Name of the Vulnerable Software and Affected Versions Cisco Identity Services Engine (ISE) (affected versions not specified)

Description A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information from an affected device. This issue exists due to improper enforcement of administrative privilege levels for sensitive data. An attacker with read-only privileges for the web-based management interface could exploit this by browsing to a page containing sensitive data, potentially allowing them to collect sensitive system configuration information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.