CVSS: 10.0EPSS: 2%CPEs: 50EXPL: 0CVE-2015-6323
https://notcve.org/view.php?id=CVE-2015-6323
15 Jan 2016 — The Admin portal in Cisco Identity Services Engine (ISE) 1.1.x, 1.2.0 before patch 17, 1.2.1 before patch 8, 1.3 before patch 5, and 1.4 before patch 4 allows remote attackers to obtain administrative access via unspecified vectors, aka Bug ID CSCuw34253. El portal Admin en Cisco Identity Services Engine (ISE) 1.1.x, 1.2.0 en versiones anteriores a patch 17, 1.2.1 en versiones anteriores al patch 8, 1.3 en versiones anteriores al patch 5 y 1.4 en versiones anteriores al patch 4 permite a atacantes remotos o... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160113-ise •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2015-0757
https://notcve.org/view.php?id=CVE-2015-0757
29 May 2015 — The web framework in Cisco Identity Services Engine (ISE) 1.2(1.901) and 1.3(0.722) does not properly implement session handlers, which allows remote attackers to obtain sensitive information by reading web pages, as demonstrated by MnT reports, aka Bug ID CSCuq23140. El Framework web en Cisco Identity Services Engine (ISE) 1.2(1.901) y 1.3(0.722) no implementa correctamente los manejadores de sesiones, lo que permite a atacantes remotos obtener información sensible mediante la lectura de páginas web, tal y... • http://tools.cisco.com/security/center/viewAlert.x?alertId=39042 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •