Skip to main content

Cisco Identity Services Engine Database Default Credentials Vulnerability

Last Update Date: 22 Sep 2011 10:41 Release Date: 22 Sep 2011 6168 Views

RISK: Medium Risk

TYPE: Servers - Network Management

TYPE: Network Management

A vulnerability has been identified in Cisco Identity Services Engine, which can be exploited by malicious people to bypass certain security restrictions.

 

The security issue is caused due to the appliance including an undocumented database account with default credentials. This can be exploited to modify the configuration and settings of a device.


Impact

  • Security Restriction Bypass

System / Technologies affected

  • Cisco Identity Services Engine (ISE) versions prior to 1.0.4.MR2

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.


Vulnerability Identifier


Source


Related Link