Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-8015

Overview

Vulnerability Score 4.0 4.0
CVE Id CVE-2014-8015
Last Modified 23 Dec 2014 09:46:16
Published 22 Dec 2014 02:59:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2014-8015

Summary

The Sponsor Portal in Cisco Identity Services Engine (ISE) allows remote authenticated users to obtain access to an arbitrary sponsor's guest account via a modified HTTP request, aka Bug ID CSCur64400.

Vulnerable Systems

Application

  • Cisco Identity Services Engine Software -


References

CISCO - 20141222 Cisco Identity Services Engine Portal Privilege Elevation Vulnerability


Last Updated: 27 May 2016 11:07:20