{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-24T17:07:38.100","vulnerabilities":[{"cve":{"id":"CVE-2021-34702","sourceIdentifier":"psirt@cisco.com","published":"2021-10-06T20:15:08.777","lastModified":"2024-11-21T06:10:59.317","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information. This vulnerability is due to improper enforcement of administrator privilege levels for low-value sensitive data. An attacker with read-only administrator access to the web-based management interface could exploit this vulnerability by browsing to the page that contains the sensitive data. A successful exploit could allow the attacker to collect sensitive information regarding the configuration of the system."},{"lang":"es","value":"Una vulnerabilidad en la interfaz de administración basada en web de Cisco Identity Services Engine (ISE) podría permitir a un atacante remoto autenticado conseguir información confidencial. Esta vulnerabilidad es debido a una aplicación inapropiada de los niveles de privilegio de administrador para los datos confidenciales de bajo valor. Un atacante con acceso de administrador de sólo lectura a la interfaz de administración basada en web podría explotar esta vulnerabilidad al navegar a la página que contiene los datos confidenciales. Una explotación con éxito podría permitir al atacante recoger información confidencial sobre la configuración del sistema"}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:N/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:*:*:*:*:*:*:*:*","versionStartIncluding":"2.2.0","versionEndExcluding":"2.6.0","matchCriteriaId":"81CD2CC9-C89D-493B-815E-77308CFD28A4"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.6.0:-:*:*:*:*:*:*","matchCriteriaId":"8B45856E-6BE4-40A7-AE2F-4F9DC9315875"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch1:*:*:*:*:*:*","matchCriteriaId":"1F6D1780-3306-4481-A3CD-8F7732D955CC"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch10:*:*:*:*:*:*","matchCriteriaId":"00756651-F667-4E4A-8024-3EAF003A9B92"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch2:*:*:*:*:*:*","matchCriteriaId":"07BF9702-0607-49A1-A82A-E4ADF1A4135F"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch3:*:*:*:*:*:*","matchCriteriaId":"11AA4EC0-6F3C-45A9-9AA4-0D81876F44B5"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch5:*:*:*:*:*:*","matchCriteriaId":"1B4B88F0-3229-4B07-9308-C37C794595A0"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch6:*:*:*:*:*:*","matchCriteriaId":"E02F0E61-FBFF-4C6D-9132-E266FF67802B"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch7:*:*:*:*:*:*","matchCriteriaId":"541EC483-540A-4080-AA69-82A0F30EE3D6"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch8:*:*:*:*:*:*","matchCriteriaId":"66CAFE97-295F-48F7-A92C-A90D3B837483"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.6.0:patch9:*:*:*:*:*:*","matchCriteriaId":"68E172B4-867E-4413-9D45-F04B52270D41"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.7.0:-:*:*:*:*:*:*","matchCriteriaId":"1F22FABF-2831-4895-B0A9-283B98398F43"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.7.0:patch1:*:*:*:*:*:*","matchCriteriaId":"B83D0F20-5A43-4583-AFAF-CD9D20352437"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.7.0:patch2:*:*:*:*:*:*","matchCriteriaId":"2887A2C0-BADA-41D3-AA6A-F10BC58AA7F9"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.7.0:patch3:*:*:*:*:*:*","matchCriteriaId":"5ADE32BD-C500-47D8-86D6-B08F55F1BBDF"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:2.7.0:patch4:*:*:*:*:*:*","matchCriteriaId":"22F23314-96BE-42F6-AE07-CC13F8856029"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.0.0:-:*:*:*:*:*:*","matchCriteriaId":"A1063044-BCD7-487F-9880-141C30547E36"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch1:*:*:*:*:*:*","matchCriteriaId":"DA42E65A-7207-48B8-BE1B-0B352201BC09"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch2:*:*:*:*:*:*","matchCriteriaId":"75DDAF38-4D5F-4EE4-A428-68D28FC0DA96"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.0.0:patch3:*:*:*:*:*:*","matchCriteriaId":"C5FB6AA6-F8C9-48A6-BDDA-1D25C43564EB"}]}]}],"references":[{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-info-disc-pNXtLhdp","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-info-disc-pNXtLhdp","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}