CVE-2024-20417

Name of the Vulnerable Software and Affected Versions Cisco Identity Services Engine (ISE) (affected versions not specified)

Description The issue is related to insufficient validation of user-supplied input in REST API calls, allowing an authenticated, remote attacker to conduct blind SQL injection attacks. This could enable the attacker to view or modify data on the affected device. The vulnerabilities are due to a lack of protection against SQL query structure exploitation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.