Improper input validation in Cisco Identity Services Engine (ISE) - CVE-2018-0211
Published: March 10, 2018
Vulnerability identifier: #VU10903
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2018-0211
CWE-ID: CWE-20
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Cisco Systems, Inc
Affected software:
Cisco Identity Services Engine (ISE)
Cisco Identity Services Engine (ISE)
Detailed vulnerability description
The vulnerability allows a local attacker with administrative privileges to cause DoS condition on the target system.
The weakness exists in specific CLI commands for the Cisco Identity Services Engine due to lack of proper input validation of the CLI user input for certain CLI commands. A local attacker can authenticate to the device and issue a specially crafted, malicious CLI command and cause a DoS condition.
The weakness exists in specific CLI commands for the Cisco Identity Services Engine due to lack of proper input validation of the CLI user input for certain CLI commands. A local attacker can authenticate to the device and issue a specially crafted, malicious CLI command and cause a DoS condition.
How to mitigate CVE-2018-0211
Install update from vendor's website.