Arbitrary SQL Command Execution Vulnerability in Cisco Identity Services Engine (ISE)

Arbitrary SQL Command Execution Vulnerability in Cisco Identity Services Engine (ISE)

CVE-2016-6453 · MEDIUM Severity

AV:N/AC:M/AU:S/C:P/I:P/A:N

A vulnerability in the web framework code of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary SQL commands on the database. More Information: CSCva46542. Known Affected Releases: 1.3(0.876).

Learn more about our Cis Benchmark Audit For Cisco.