Miembros de
Boletines de Vulnerabilidades |
Cisco Identity Services Engine Guest Portal Unauthorized Access Vulnerability |
|
Información sobre el sistema |
|
| Software afectado | Cisco |
Descripción |
|
|
A vulnerability in the Cisco Identity Services Engine (ISE) guest portal could allow an unauthenticated, remote attacker to view a customized page on the guest portal.The vulnerability is due to lack of access control for the uploaded HTML files. An attacker could exploit this vulnerability by crafting an HTTP request that points to the filename of the customized page.Cisco has confirmed the vulnerability; however, software updates are not available.To exploit this vulnerability, the attacker More info: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20150827-CVE-2015-6266?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Identity%20Services%20Engine%20Guest%20Portal%20Unauthorized |
|
Identificadores estándar |
|
| Propiedad | Valor |
| CVE | |
Histórico de versiones |
||
| Versión | Comentario | Fecha |
| 1.0 | Advisory issued | 2015-10-07 |