cnvd - cnvd-2021-24475

cnvd-2021-24475

Vulnerability from cnvd

Title: Cisco Identity Services Engine信息泄露漏洞（CNVD-2021-24475）

Description:

Cisco Identity Services Engine (ISE)是下一代身份和访问控制策略平台，使企业能够执行合规性、增强基础架构安全性并简化其服务操作。

Cisco Identity Services Engine的管理门户存在信息泄露漏洞。该漏洞源于对敏感数据的管理员权限级别执行不当。攻击者可利用该漏洞收集有关系统配置的敏感信息。

Severity: 中

Patch Name: Cisco Identity Services Engine信息泄露漏洞（CNVD-2021-24475）的补丁

Patch Description:

Cisco Identity Services Engine (ISE)是下一代身份和访问控制策略平台，使企业能够执行合规性、增强基础架构安全性并简化其服务操作。

Cisco Identity Services Engine 2.3 Patch7、2.4 Patch13、2.6 Patch8、2.7 Patch2、3.0 Patch1及更早版本的管理门户存在信息泄露漏洞。该漏洞源于对敏感数据的管理员权限级别执行不当。攻击者可利用该漏洞收集有关系统配置的敏感信息。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

厂商已发布了漏洞修复程序，请及时关注更新： https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-info-exp-8RsuEu8S

Reference: https://nvd.nist.gov/vuln/detail/CVE-2021-1416

Impacted products

Name
['Cisco Identity Services Engine 2.6.0', 'Cisco Identity Services Engine（ISE） 2.3.0', 'Cisco Identity Services Engine（ISE） 2.3.0 patch1', 'Cisco Identity Services Engine（ISE） 2.3.0 patch2', 'Cisco Identity Services Engine（ISE） 2.3.0 patch3', 'Cisco Identity Services Engine（ISE） 2.3.0 patch4', 'Cisco Identity Services Engine（ISE） 2.3.0 patch5', 'Cisco Identity Services Engine（ISE） 2.3.0 patch6', 'Cisco Identity Services Engine（ISE） 2.3.0 patch7', 'Cisco Identity Services Engine（ISE） 2.4.0', 'Cisco Identity Services Engine（ISE） 2.4.0 patch1', 'Cisco Identity Services Engine（ISE） 2.4.0 patch10', 'Cisco Identity Services Engine（ISE） 2.4.0 patch11', 'Cisco Identity Services Engine（ISE） 2.4.0 patch12', 'Cisco Identity Services Engine（ISE） 2.4.0 patch13', 'Cisco Identity Services Engine（ISE） 2.6.0 patch1', 'Cisco Identity Services Engine（ISE） 2.6.0 patch2', 'Cisco Identity Services Engine（ISE） 2.6.0 patch3', 'Cisco Identity Services Engine（ISE） 2.6.0 patch4', 'Cisco Identity Services Engine（ISE） 2.6.0 patch5', 'Cisco Identity Services Engine（ISE） 2.6.0 patch6', 'Cisco Identity Services Engine（ISE） 2.6.0 patch7', 'Cisco Identity Services Engine（ISE） 2.6.0 patch8', 'Cisco Identity Services Engine（ISE） 2.7.0', 'Cisco Identity Services Engine（ISE） 2.7.0 patch2', 'Cisco Identity Services Engine（ISE） 3.0.0', 'Cisco Identity Services Engine（ISE） 3.0.0 patch1', 'Cisco Identity Services Engine（ISE） <2.3.0']

Name

['Cisco Identity Services Engine 2.6.0', 'Cisco Identity Services Engine（ISE） 2.3.0', 'Cisco Identity Services Engine（ISE） 2.3.0 patch1', 'Cisco Identity Services Engine（ISE） 2.3.0 patch2', 'Cisco Identity Services Engine（ISE） 2.3.0 patch3', 'Cisco Identity Services Engine（ISE） 2.3.0 patch4', 'Cisco Identity Services Engine（ISE） 2.3.0 patch5', 'Cisco Identity Services Engine（ISE） 2.3.0 patch6', 'Cisco Identity Services Engine（ISE） 2.3.0 patch7', 'Cisco Identity Services Engine（ISE） 2.4.0', 'Cisco Identity Services Engine（ISE） 2.4.0 patch1', 'Cisco Identity Services Engine（ISE） 2.4.0 patch10', 'Cisco Identity Services Engine（ISE） 2.4.0 patch11', 'Cisco Identity Services Engine（ISE） 2.4.0 patch12', 'Cisco Identity Services Engine（ISE） 2.4.0 patch13', 'Cisco Identity Services Engine（ISE） 2.6.0 patch1', 'Cisco Identity Services Engine（ISE） 2.6.0 patch2', 'Cisco Identity Services Engine（ISE） 2.6.0 patch3', 'Cisco Identity Services Engine（ISE） 2.6.0 patch4', 'Cisco Identity Services Engine（ISE） 2.6.0 patch5', 'Cisco Identity Services Engine（ISE） 2.6.0 patch6', 'Cisco Identity Services Engine（ISE） 2.6.0 patch7', 'Cisco Identity Services Engine（ISE） 2.6.0 patch8', 'Cisco Identity Services Engine（ISE） 2.7.0', 'Cisco Identity Services Engine（ISE） 2.7.0 patch2', 'Cisco Identity Services Engine（ISE） 3.0.0', 'Cisco Identity Services Engine（ISE） 3.0.0 patch1', 'Cisco Identity Services Engine（ISE） <2.3.0']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-1416",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2021-1416"
    }
  },
  "description": "Cisco Identity Services Engine (ISE)\u662f\u4e0b\u4e00\u4ee3\u8eab\u4efd\u548c\u8bbf\u95ee\u63a7\u5236\u7b56\u7565\u5e73\u53f0\uff0c\u4f7f\u4f01\u4e1a\u80fd\u591f\u6267\u884c\u5408\u89c4\u6027\u3001\u589e\u5f3a\u57fa\u7840\u67b6\u6784\u5b89\u5168\u6027\u5e76\u7b80\u5316\u5176\u670d\u52a1\u64cd\u4f5c\u3002\n\nCisco Identity Services Engine\u7684\u7ba1\u7406\u95e8\u6237\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5bf9\u654f\u611f\u6570\u636e\u7684\u7ba1\u7406\u5458\u6743\u9650\u7ea7\u522b\u6267\u884c\u4e0d\u5f53\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6536\u96c6\u6709\u5173\u7cfb\u7edf\u914d\u7f6e\u7684\u654f\u611f\u4fe1\u606f\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-info-exp-8RsuEu8S",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2021-24475",
  "openTime": "2021-04-02",
  "patchDescription": "Cisco Identity Services Engine (ISE)\u662f\u4e0b\u4e00\u4ee3\u8eab\u4efd\u548c\u8bbf\u95ee\u63a7\u5236\u7b56\u7565\u5e73\u53f0\uff0c\u4f7f\u4f01\u4e1a\u80fd\u591f\u6267\u884c\u5408\u89c4\u6027\u3001\u589e\u5f3a\u57fa\u7840\u67b6\u6784\u5b89\u5168\u6027\u5e76\u7b80\u5316\u5176\u670d\u52a1\u64cd\u4f5c\u3002\r\n\r\nCisco Identity Services Engine 2.3 Patch7\u30012.4 Patch13\u30012.6 Patch8\u30012.7 Patch2\u30013.0 Patch1\u53ca\u66f4\u65e9\u7248\u672c\u7684\u7ba1\u7406\u95e8\u6237\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5bf9\u654f\u611f\u6570\u636e\u7684\u7ba1\u7406\u5458\u6743\u9650\u7ea7\u522b\u6267\u884c\u4e0d\u5f53\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6536\u96c6\u6709\u5173\u7cfb\u7edf\u914d\u7f6e\u7684\u654f\u611f\u4fe1\u606f\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco Identity Services Engine\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2021-24475\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cisco Identity Services Engine 2.6.0",
      "Cisco Identity Services Engine\uff08ISE\uff09 2.3.0",
      "Cisco Identity Services Engine\uff08ISE\uff09 2.3.0 patch1",
      "Cisco Identity Services Engine\uff08ISE\uff09 2.3.0 patch2",
      "Cisco Identity Services Engine\uff08ISE\uff09 2.3.0 patch3",
      "Cisco Identity Services Engine\uff08ISE\uff09 2.3.0 patch4",
      "Cisco Identity Services Engine\uff08ISE\uff09 2.3.0 patch5",
      "Cisco Identity Services Engine\uff08ISE\uff09 2.3.0 patch6",
      "Cisco Identity Services Engine\uff08ISE\uff09 2.3.0 patch7",
      "Cisco Identity Services Engine\uff08ISE\uff09 2.4.0",
      "Cisco Identity Services Engine\uff08ISE\uff09 2.4.0 patch1",
      "Cisco Identity Services Engine\uff08ISE\uff09 2.4.0 patch10",
      "Cisco Identity Services Engine\uff08ISE\uff09 2.4.0 patch11",
      "Cisco Identity Services Engine\uff08ISE\uff09 2.4.0 patch12",
      "Cisco Identity Services Engine\uff08ISE\uff09 2.4.0 patch13",
      "Cisco Identity Services Engine\uff08ISE\uff09 2.6.0 patch1",
      "Cisco Identity Services Engine\uff08ISE\uff09 2.6.0 patch2",
      "Cisco Identity Services Engine\uff08ISE\uff09 2.6.0 patch3",
      "Cisco Identity Services Engine\uff08ISE\uff09 2.6.0 patch4",
      "Cisco Identity Services Engine\uff08ISE\uff09 2.6.0 patch5",
      "Cisco Identity Services Engine\uff08ISE\uff09 2.6.0 patch6",
      "Cisco Identity Services Engine\uff08ISE\uff09 2.6.0 patch7",
      "Cisco Identity Services Engine\uff08ISE\uff09 2.6.0 patch8",
      "Cisco Identity Services Engine\uff08ISE\uff09 2.7.0",
      "Cisco Identity Services Engine\uff08ISE\uff09 2.7.0 patch2",
      "Cisco Identity Services Engine\uff08ISE\uff09 3.0.0",
      "Cisco Identity Services Engine\uff08ISE\uff09 3.0.0 patch1",
      "Cisco Identity Services Engine\uff08ISE\uff09 \u003c2.3.0"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2021-1416",
  "serverity": "\u4e2d",
  "submitTime": "2021-02-18",
  "title": "Cisco Identity Services Engine\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2021-24475\uff09"
}

CVE-2021-1416 (GCVE-0-2021-1416)

Vulnerability from cvelistv5

Published

2021-02-17 16:55

Modified

2024-11-08 23:41

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE

CWE-266

Summary

Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information. These vulnerabilities are due to improper enforcement of administrator privilege levels for sensitive data. An attacker with read-only administrator access to the Admin portal could exploit these vulnerabilities by browsing to one of the pages that contains sensitive data. A successful exploit could allow the attacker to collect sensitive information regarding the configuration of the system. For more information about these vulnerabilities, see the Details section of this advisory.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-info-exp-8RsuEu8S	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Identity Services Engine Software	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:11:16.875Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20210217 Cisco Identity Services Engine Sensitive Information Disclosure Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-info-exp-8RsuEu8S"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-1416",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-08T20:49:20.885681Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-08T23:41:36.032Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Identity Services Engine Software",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-02-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information. These vulnerabilities are due to improper enforcement of administrator privilege levels for sensitive data. An attacker with read-only administrator access to the Admin portal could exploit these vulnerabilities by browsing to one of the pages that contains sensitive data. A successful exploit could allow the attacker to collect sensitive information regarding the configuration of the system. For more information about these vulnerabilities, see the Details section of this advisory."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-266",
              "description": "CWE-266",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-02-17T16:55:12",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20210217 Cisco Identity Services Engine Sensitive Information Disclosure Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-info-exp-8RsuEu8S"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ise-info-exp-8RsuEu8S",
        "defect": [
          [
            "CSCvw81454",
            "CSCvw82927",
            "CSCvw83296",
            "CSCvw83334",
            "CSCvw89818"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Identity Services Engine Sensitive Information Disclosure Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-02-17T16:00:00",
          "ID": "CVE-2021-1416",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Identity Services Engine Sensitive Information Disclosure Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Identity Services Engine Software",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information. These vulnerabilities are due to improper enforcement of administrator privilege levels for sensitive data. An attacker with read-only administrator access to the Admin portal could exploit these vulnerabilities by browsing to one of the pages that contains sensitive data. A successful exploit could allow the attacker to collect sensitive information regarding the configuration of the system. For more information about these vulnerabilities, see the Details section of this advisory."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "6.5",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-266"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20210217 Cisco Identity Services Engine Sensitive Information Disclosure Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-info-exp-8RsuEu8S"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-ise-info-exp-8RsuEu8S",
          "defect": [
            [
              "CSCvw81454",
              "CSCvw82927",
              "CSCvw83296",
              "CSCvw83334",
              "CSCvw89818"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-1416",
    "datePublished": "2021-02-17T16:55:12.277317Z",
    "dateReserved": "2020-11-13T00:00:00",
    "dateUpdated": "2024-11-08T23:41:36.032Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted