A vulnerability in the Cisco Identity Services Engine (ISE) guest portal could allow an unauthenticated, remote attacker to view a customized page on the guest portal.

The vulnerability is due to lack of access control for the uploaded HTML files. An attacker could exploit this vulnerability by crafting an HTTP request that points to the filename of the customized page.

Cisco has confirmed the vulnerability; however, software updates are not available.

To exploit this vulnerability, the attacker must send a crafted HTTP request to the filename of the customized page on the guest portal. The Cisco ISE guest portal is configured to use customized uploaded HTML files, making an exploit easier to accomplish. Environments that restrict access from untrusted sources could make successful exploitation more difficult.

Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.

Leave a Reply