Vulnerability Bulletins

Cisco Identity Services Engine Server-Side Request Forgery Vulnerability

System information

Affected software Cisco


A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a server-side request forgery (SSRF) attack through an affected device. This vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to send arbitrary network requests that are

More info:

Standar resources

Property Value
CVE CVE-2024-20332.

Version history

Version Comments Date
Ministerio de Defensa