CVE-2023-20167

Name of the Vulnerable Software and Affected Versions Cisco Identity Services Engine (ISE) (affected versions not specified)

Description The issue is related to deficiencies in directory path checking, allowing an attacker to perform path traversal attacks on the underlying operating system. This could enable an attacker to either elevate privileges to root or read arbitrary files. To exploit this, an attacker must have valid Administrator credentials on the affected device.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.