Original release date: November 16, 2022
Cisco has released security updates for vulnerabilities affecting Cisco Identity Services Engine (ISE). A remote attacker could exploit some of these vulnerabilities to bypass authorization and access system files. For updates addressing vulnerabilities, see the Cisco Security Advisories page.
CISA encourages users and administrators to review the following advisories and apply the necessary updates:
- Cisco Identity Services Engine Insufficient Access Control Vulnerability
- Cisco Identity Services Engine Cross-Site Scripting Vulnerability