CVE-2015-0757
N/A
N/A
Summary
The web framework in Cisco Identity Services Engine (ISE) 1.2(1.901) and 1.3(0.722) does not properly implement session handlers, which allows remote attackers to obtain sensitive information by reading web pages, as demonstrated by MnT reports, aka Bug ID CSCuq23140.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://tools.cisco.com/security/center/viewAlert.x?alertId=39042
- http://www.securityfocus.com/bid/74864
- http://www.securitytracker.com/id/1032420
References
- http://tools.cisco.com/security/center/viewAlert.x?alertId=39042
- http://www.securityfocus.com/bid/74864
- http://www.securitytracker.com/id/1032420
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.