CNNVD-202601-2590 Information
CNNVD ID
CNNVD-202601-2590
Related CVE
- CNNVD Published: 2026-01-15
Description (Chinese)
Cisco Identity Services Engine(Cisco ISE)是美国思科(Cisco)公司的一款环境感知平台(ISE身份服务引擎)。该平台通过收集网络、用户和设备中的实时信息,制定并实施相应策略来监管网络。 Cisco Identity Services Engine(Cisco ISE)存在跨站脚本漏洞,该漏洞源于基于Web的管理界面输入验证不足,可能导致经过身份验证的远程攻击者进行存储型跨站脚本攻击。
Description (English)
Cisco Information Services Engineering (Cisco ISE) is an environmental awareness platform for Cisco companies. The platform regulates networks by collecting real-time information from networks, users and equipment and developing and implementing strategies. Cisco Infrastructure Services Engineering (Cisco ISE) has a cross-site script loophole, which stems from the inadequate validation of the Web-based management interface, which may lead to a storage-type cross-site attack by a remote, identified assailant.
Hazard Level
High
Vulnerability Type
跨站脚本
Published
2026-01-15
Last Modified
2026-02-24
References
Patch
https://www.cisco.com/c/en/us/support/security/identity-services-engine/series.html
Share on: