CVE-2024-20417 | Cisco Identity Services Engine Software up to 3.3.0 REST API sql injection (cisco-sa-ise-rest-5bPKrNtZ)

Posted by Angelo Barbosa | Aug 21, 2024 | CVE

A vulnerability classified as critical has been found in Cisco Identity Services Engine Software. This affects an unknown part of the component REST API. The manipulation leads to sql injection.

This vulnerability is uniquely identified as CVE-2024-20417. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-20417 | Cisco Identity Services Engine Software up to 3.3.0 REST API sql injection (cisco-sa-ise-rest-5bPKrNtZ)

Related Posts

CVE-2024-38495 | Broadcom Symantec Privileged Access Management up to 3.4.6/4.1.7 PAM information disclosure

CVE-2023-7190 | S-CMS up to 2.0_build20220529-20231006 /member/ad.php A_text/A_url/A_contact sql injection

CVE-2024-22212 | NextCloud Global Site Selector up to 1.4.0/2.1.1/2.3.3/2.4.4 authentication bypass (GHSA-vj5q-f63m-wp77)

CVE-2023-42957 | Apple macOS permission