CVE-2015-6317
high-risk
Published 2016-01-23
Cisco Identity Services Engine (ISE) before 2.0 allows remote authenticated users to bypass intended web-resource access restrictions via a direct request, aka Bug ID CSCuu45926.
Do I need to act?
-
0.14% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
6
CVSS 6.5/10
Medium
NETWORK
/ LOW complexity
Affected Products (20)
Identity Services Engine Software
Identity Services Engine Software
Identity Services Engine Software
Identity Services Engine Software
Identity Services Engine Software
Identity Services Engine Software
Identity Services Engine Software
Identity Services Engine Software
Identity Services Engine Software
Identity Services Engine Software
Identity Services Engine Software
Identity Services Engine Software
Identity Services Engine Software
Identity Services Engine Software
Identity Services Engine Software
Identity Services Engine Software
Identity Services Engine Software
Identity Services Engine Software
Identity Services Engine Software
Identity Services Engine Software
Affected Vendors
50
/ 100
high-risk
Severity
24/34 · High
Exploitability
1/34 · Minimal
Exposure
25/34 · High