Severe vulnerabilities in Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an unauthenticated remote attacker to issue commands with root privileges, Cisco said in an advisory on July 17.
Cisco released multiple patches for the issues, including an expanded fix for specific software versions.
The vulnerabilities were reported by Bobby Gould of Trend Micro Zero Day Initiative and Kentaro Kawane of GMO Cybersecurity by Ierae, working with Trend Mi...