CVE-2014-8017

Cisco Identity Services Engine Software - Exposure of Sensitive Information via Periodic Backup Feature

Title source: llm
STIX 2.1

Description

The periodic-backup feature in Cisco Identity Services Engine (ISE) allows remote attackers to discover backup-encryption passwords via a crafted request that triggers inclusion of a password in a reply, aka Bug ID CSCur41673.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/71767
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1031425

Scores

EPSS 0.0125
EPSS Percentile 65.8%

Details

CWE
CWE-200
Status published
Products (1)
cisco/identity_services_engine_software
Published Dec 22, 2014
Tracked Since Feb 18, 2026