CyberSec.Space Logo
Back to CVE Browser

CVE-2011-3290

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1210%
EPSS Percentile41.03th
PublishedSep 21, 2011
Last ModifiedApr 29, 2026

Vulnerability Description

Cisco Identity Services Engine (ISE) before 1.0.4.MR2 has default Oracle database credentials, which allows remote attackers to modify settings or perform unspecified other administrative actions via unknown vectors, aka Bug ID CSCts59135.

Affected Platforms (CPE)

πŸ”Œ
Cisco

Identity Services Engine

All versions
πŸ“¦
Cisco

Identity Services Engine Software

<= 1.0.4
πŸ“¦
Cisco

Identity Services Engine Software

= 1.0
πŸ“¦
Cisco

Identity Services Engine Software

= 1.0mr

References & Advisories

πŸ”— http://secunia.com/advisories/46061
πŸ”— http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95105.shtml
πŸ”— http://www.securityfocus.com/bid/49703
πŸ”— http://www.securitytracker.com/id?1026075
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/69945
πŸ”— http://secunia.com/advisories/46061
πŸ”— http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95105.shtml
πŸ”— http://www.securityfocus.com/bid/49703

Related Vulnerabilities

CVE-2017-67479.8

A vulnerability in the authentication module of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attack...

CVE-2015-63239.8

The Admin portal in Cisco Identity Services Engine (ISE) 1.1.x, 1.2.0 before patch 17, 1.2.1 before patch 8, 1.3 before patch 5, a...

CVE-2013-55309.0

The web framework in Cisco Identity Services Engine (ISE) 1.0 and 1.1.0 before 1.1.0.665-5, 1.1.1 before 1.1.1.268-7, 1.1.2 before...

CVE-2016-06358.8

Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2,...