Skip to main content

Identity Services Engine CVE-2018-0221

MEDIUM
OS Command Injection (CWE-78)
2018-03-08 psirt@cisco.com
6.7
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
6.7 MEDIUM
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Mar 08, 2018 - 07:29 nvd
MEDIUM 6.7

DescriptionNVD

A vulnerability in specific CLI commands for the Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to perform command injection to the underlying operating system or cause a hang or disconnect of the user session. The attacker needs valid administrator credentials for the device. The vulnerability is due to incomplete input validation of user input for certain CLI ISE configuration commands. An attacker could exploit this vulnerability by authenticating as an administrative user, issuing a specific CLI command, and entering crafted, malicious user input for the command parameters. An exploit could allow the attacker to perform command injection to the lower-level Linux operating system. It is also possible the attacker could cause the ISE user interface for this management session to hang or disconnect. Cisco Bug IDs: CSCvg95479.

AnalysisAI

A vulnerability in specific CLI commands for the Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to perform command injection to the underlying operating system or. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as OS Command Injection (CWE-78), which allows attackers to execute arbitrary operating system commands on the host. A vulnerability in specific CLI commands for the Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to perform command injection to the underlying operating system or cause a hang or disconnect of the user session. The attacker needs valid administrator credentials for the device. The vulnerability is due to incomplete input validation of user input for certain CLI ISE configuration commands. An attacker could exploit this vulnerability by authenticating as an administrative user, issuing a specific CLI command, and entering crafted, malicious user input for the command parameters. An exploit could allow the attacker to perform command injection to the lower-level Linux operating system. It is also possible the attacker could cause the ISE user interface for this management session to hang or disconnect. Cisco Bug IDs: CSCvg95479. Affected products include: Cisco Identity Services Engine.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Avoid passing user input to shell commands. Use language-specific APIs instead of shell execution. Apply strict input validation with allowlists.

CVE-2025-20281 CRITICAL POC
10.0 Jun 25

Cisco ISE and ISE-PIC contain a critical input injection vulnerability (CVE-2025-20281, CVSS 10.0) that allows unauthent

CVE-2025-20125 CRITICAL POC
9.1 Feb 05

A vulnerability in an API of Cisco ISE could allow an authenticated, remote attacker with valid read-only credentials to

CVE-2017-6747 CRITICAL
9.8 Aug 07

A vulnerability in the authentication module of Cisco Identity Services Engine (ISE) could allow an unauthenticated, rem

CVE-2025-20282 CRITICAL
10.0 Jun 25

CVE-2025-20282 is a critical remote code execution vulnerability in Cisco ISE and ISE-PIC that allows unauthenticated at

CVE-2025-20286 CRITICAL
9.9 Jun 04

Default credentials in Cisco ISE cloud deployments on AWS/Azure/OCI. CVSS 9.9.

CVE-2022-20733 CRITICAL
9.8 Jun 15

A vulnerability in the login page of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacke

CVE-2024-20486 HIGH
8.8 Aug 21

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthentic

CVE-2024-20368 HIGH
8.8 Apr 03

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthentic

CVE-2023-20272 HIGH
8.8 Nov 21

A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, re

CVE-2023-20175 HIGH
8.8 Nov 01

A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command inje

CVE-2022-20962 HIGH
8.8 Nov 04

A vulnerability in the Localdisk Management feature of Cisco Identity Services Engine (ISE) could allow an authenticated

CVE-2022-20961 HIGH
8.8 Nov 04

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthentic

Share

CVE-2018-0221 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy