CVE-2023-20272

Name of the Vulnerable Software and Affected Versions Cisco Identity Services Engine (affected versions not specified)

Description The issue is related to insufficient file input validation in the web-based management interface, allowing an authenticated, remote attacker to upload malicious files to the web root of the application. This could enable the attacker to replace files and gain access to sensitive server-side information. The vulnerability can be exploited by uploading a malicious file to the web interface.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.