CVE-2018-0213

CVE-2018-0213

Vendor N/A

Product Cisco Identity Services Engine

Weakness CWE-264

Published March 8, 2018

Last update December 2, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A vulnerability in the credential reset functionality for Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to gain elevated privileges. The vulnerability is due to a lack of proper input validation. An attacker could exploit this vulnerability by authenticating to the device and sending a crafted HTTP request. A successful exploit could allow the attacker to gain elevated privileges to access functionality that should be restricted. The attacker must have valid user credentials to the device to exploit this vulnerability. Cisco Bug IDs: CSCvf69753.

Key dates

02Disclosure timeline

March 8, 2018 CVE published

December 2, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2018-0213

Related vulnerabilities

01Description

02Disclosure timeline

03References

04Related CVE