The web framework in Cisco Identity Services Engine (ISE) 1.2(1.901) and 1.3(0.722) does not properly implement session handlers, which allows remote attackers to obtain sensitive information by reading web pages, as demonstrated by MnT reports, aka Bug ID CSCuq23140.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2015-05-29T15:00:00
Updated: 2024-08-06T04:17:32.825Z
Reserved: 2015-01-07T00:00:00
Link: CVE-2015-0757
Vulnrichment
No data.
NVD
Status : Modified
Published: 2015-05-29T15:59:11.170
Modified: 2024-11-21T02:23:39.743
Link: CVE-2015-0757
Redhat
No data.