{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T21:09:00.044","vulnerabilities":[{"cve":{"id":"CVE-2020-3589","sourceIdentifier":"psirt@cisco.com","published":"2020-10-08T05:15:15.477","lastModified":"2024-11-21T05:31:22.103","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. To exploit this vulnerability, an attacker would need to have valid administrative credentials."},{"lang":"es","value":"Una vulnerabilidad en la interfaz de administración basada en web de Cisco Identity Services Engine (ISE) Software, podría permitir a un atacante remoto autenticado con credenciales administrativas conducir un ataque de tipo cross-site scripting (XSS) contra un usuario de la interfaz.&#xa0;La vulnerabilidad se presenta porque la interfaz de administración basada en web no comprueba apropiadamente la entrada suministrada por el usuario.&#xa0;Un atacante podría explotar esta vulnerabilidad al inyectar código malicioso en páginas específicas de la interfaz.&#xa0;Una explotación con éxito podría permitir al atacante ejecutar un código script arbitrario en el contexto de la interfaz o acceder a información confidencial basada en navegador.&#xa0;Para explotar esta vulnerabilidad, un atacante necesitaría tener credenciales administrativas válidas"}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.2.0:patch16:*:*:*:*:*:*","matchCriteriaId":"B1EEFEB1-10A2-4959-A2D7-2BE3012BEF6B"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch1:*:*:*:*:*:*","matchCriteriaId":"8114A0B4-F81C-4EB8-AC17-AF4781F6CAB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch10:*:*:*:*:*:*","matchCriteriaId":"70B293D8-207E-43BD-BAA3-E79ED562B52D"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch11:*:*:*:*:*:*","matchCriteriaId":"25B5B012-A6FD-4B53-8116-AEA7A932F376"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch12:*:*:*:*:*:*","matchCriteriaId":"8260B1A1-3D16-46DA-90EC-42A546CE564F"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch13:*:*:*:*:*:*","matchCriteriaId":"70C00EEF-C119-41B5-8140-77BEEF639CA2"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch14:*:*:*:*:*:*","matchCriteriaId":"423BD5AD-C8E1-47DC-BF61-D285B29442BD"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch15:*:*:*:*:*:*","matchCriteriaId":"F88D615F-F9EE-4282-A476-85B5B2078F78"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch16:*:*:*:*:*:*","matchCriteriaId":"732FDC75-C3C5-4FD0-93B7-1A3CE4DEA507"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch2:*:*:*:*:*:*","matchCriteriaId":"BF38434A-060E-42C2-A622-8E1ED51CAC7F"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch3:*:*:*:*:*:*","matchCriteriaId":"81300E10-0BDD-490D-BBE9-CA75803426C1"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch4:*:*:*:*:*:*","matchCriteriaId":"3BC7044A-6FB4-457F-808F-FA1F8B85469A"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch5:*:*:*:*:*:*","matchCriteriaId":"4C0BE493-4EE9-404E-B7BA-3525CA7AE9D7"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch6:*:*:*:*:*:*","matchCriteriaId":"7EFC7A75-B2FA-4F36-91A0-E32B5D7ECD93"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch7:*:*:*:*:*:*","matchCriteriaId":"8A7009F6-4418-4CAD-B489-DC104CDC050C"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch8:*:*:*:*:*:*","matchCriteriaId":"88970AD1-07E3-4A67-A20F-AB0FE13E1B2A"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.2.0.470:patch9:*:*:*:*:*:*","matchCriteriaId":"7605EBFC-6810-46A9-960D-816412E6DD23"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.3.0:patch7:*:*:*:*:*:*","matchCriteriaId":"1F4F2F0A-6525-4C41-B67F-989BD67AF376"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.3.0.298:-:*:*:*:*:*:*","matchCriteriaId":"2C9676EF-DDF4-46E3-A8B4-9AD51881E4DA"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.3.0.298:patch1:*:*:*:*:*:*","matchCriteriaId":"4EE51B0E-75A2-4BCF-848C-0EEEDFE3C41A"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.3.0.298:patch2:*:*:*:*:*:*","matchCriteriaId":"60A8BF35-41D2-4985-B5CB-721FF433B7CB"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.3.0.298:patch3:*:*:*:*:*:*","matchCriteriaId":"B633B472-923C-4527-9D2C-F1971FDAB314"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.3.0.298:patch4:*:*:*:*:*:*","matchCriteriaId":"F6A45D74-4CD6-4941-AB15-3DB3BAFF1467"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.3.0.298:patch5:*:*:*:*:*:*","matchCriteriaId":"A8E90D56-22D4-433F-9325-D6C7F544E034"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.3.0.298:patch6:*:*:*:*:*:*","matchCriteriaId":"C07A60F0-BE4D-41F1-B433-433B3883AA30"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.3.0.298:patch7:*:*:*:*:*:*","matchCriteriaId":"314F6A42-D983-4FC1-8793-81011992B7A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.4.0:patch12:*:*:*:*:*:*","matchCriteriaId":"E5D220CF-8178-4F26-B1C3-175A10EBD65B"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:-:*:*:*:*:*:*","matchCriteriaId":"ED00A491-8BEA-4A21-B2CA-6E17183563E6"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:patch1:*:*:*:*:*:*","matchCriteriaId":"B2E49C7A-802D-4807-AF48-94112B821ABA"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:patch10:*:*:*:*:*:*","matchCriteriaId":"87B967FC-3CAA-4DD0-A936-16F9F1EA5E6A"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:patch2:*:*:*:*:*:*","matchCriteriaId":"1A2E55FE-562A-45F9-9859-33CF0FE31F13"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:patch3:*:*:*:*:*:*","matchCriteriaId":"CAF04BC3-18CC-4C02-AEDC-82785B5EEC5E"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:patch4:*:*:*:*:*:*","matchCriteriaId":"5435128C-88C9-4C29-908A-F9765A79B73B"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:patch5:*:*:*:*:*:*","matchCriteriaId":"311241C1-8E29-4A80-8559-39D120A37A0E"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:patch6:*:*:*:*:*:*","matchCriteriaId":"A9C80434-077A-4B9B-9EA6-8B44A7B86557"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:patch7:*:*:*:*:*:*","matchCriteriaId":"058977FE-0FBF-4C66-B961-0698A127EF2A"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:patch8:*:*:*:*:*:*","matchCriteriaId":"F0341C1F-6F30-4CAC-8D31-58359067DD5E"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.4.0.357:patch9:*:*:*:*:*:*","matchCriteriaId":"9BE8D28E-1F21-4C90-8A7A-C237B2F4C2C0"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.6.0:-:*:*:*:*:*:*","matchCriteriaId":"8B45856E-6BE4-40A7-AE2F-4F9DC9315875"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch1:*:*:*:*:*:*","matchCriteriaId":"1F6D1780-3306-4481-A3CD-8F7732D955CC"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch2:*:*:*:*:*:*","matchCriteriaId":"07BF9702-0607-49A1-A82A-E4ADF1A4135F"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch3:*:*:*:*:*:*","matchCriteriaId":"11AA4EC0-6F3C-45A9-9AA4-0D81876F44B5"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch5:*:*:*:*:*:*","matchCriteriaId":"1B4B88F0-3229-4B07-9308-C37C794595A0"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch6:*:*:*:*:*:*","matchCriteriaId":"E02F0E61-FBFF-4C6D-9132-E266FF67802B"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch7:*:*:*:*:*:*","matchCriteriaId":"541EC483-540A-4080-AA69-82A0F30EE3D6"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.6.0.156:patch1:*:*:*:*:*:*","matchCriteriaId":"B0B59AE5-F1C6-40A4-B912-00A8CAF67D3B"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.6.0.156:patch2:*:*:*:*:*:*","matchCriteriaId":"220D24D8-D454-4173-A78C-F9EF4B1864E3"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.6.0.156:patch3:*:*:*:*:*:*","matchCriteriaId":"2AA62908-125C-4696-88F0-CDBED70DD2C4"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.6.0.156:patch5:*:*:*:*:*:*","matchCriteriaId":"59306404-2D46-4E2B-9609-4DCB69D612DD"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.6.0.156:patch6:*:*:*:*:*:*","matchCriteriaId":"3EE5A0AB-8BD4-436E-B2C5-818081444B95"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.6.0.156:patch7:*:*:*:*:*:*","matchCriteriaId":"0B29D933-1505-45E3-B5A2-8955F1D9E397"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.7.0:patch2:*:*:*:*:*:*","matchCriteriaId":"2887A2C0-BADA-41D3-AA6A-F10BC58AA7F9"}]}]}],"references":[{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-xxs-mf5cbYx5","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-xxs-mf5cbYx5","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}