QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2017-12316

Back to search

CVE-2017-12316

Published: Nov 16, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

A vulnerability in the Guest Portal login page of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to perform multiple login attempts in excess of the configured login attempt limit. The vulnerability is due to insufficient server-side login attempt limit enforcement. An attacker could exploit this vulnerability by sending modified login attempts to the Guest Portal login page. An exploit could allow the attacker to perform brute-force password attacks on the ISE Guest Portal. Cisco Bug IDs: CSCve98518.

VendorProductVersions

n/a

Cisco Identity Services Engine

affected
Cisco Identity Services Engine

Weaknesses (CWE)

CWE-287

References

1039830
vdb-entry
x_refsource_SECTRACK
101931
vdb-entry
x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now