Skip to main content

Identity Services Engine CVE-2024-20332

MEDIUM
Server-Side Request Forgery (SSRF) (CWE-918)
2024-04-03 psirt@cisco.com
5.5
CVSS 3.1 · Vendor: cisco
Share

Severity by source

Vendor (cisco) PRIMARY
5.5 MEDIUM
AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N

Primary rating from Vendor (cisco) · only source for this CVE.

CVSS VectorVendor: cisco

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
None

Lifecycle Timeline

1
CVE Published
Apr 03, 2024 - 17:15 cve.org
MEDIUM 5.5

DescriptionCVE.org

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a server-side request forgery (SSRF) attack through an affected device. This vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to send arbitrary network requests that are sourced from the affected device. To successfully exploit this vulnerability, the attacker would need valid Super Admin credentials.

AnalysisAI

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a server-side request forgery (SSRF) attack. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Server-Side Request Forgery (SSRF) (CWE-918), which allows attackers to make the server perform requests to unintended internal or external resources. A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a server-side request forgery (SSRF) attack through an affected device. This vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to send arbitrary network requests that are sourced from the affected device. To successfully exploit this vulnerability, the attacker would need valid Super Admin credentials. Affected products include: Cisco Identity Services Engine.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate and allowlist destination URLs, block requests to internal networks, use network segmentation.

CVE-2025-20281 CRITICAL POC
10.0 Jun 25

Cisco ISE and ISE-PIC contain a critical input injection vulnerability (CVE-2025-20281, CVSS 10.0) that allows unauthent

CVE-2025-20125 CRITICAL POC
9.1 Feb 05

A vulnerability in an API of Cisco ISE could allow an authenticated, remote attacker with valid read-only credentials to

CVE-2017-6747 CRITICAL
9.8 Aug 07

A vulnerability in the authentication module of Cisco Identity Services Engine (ISE) could allow an unauthenticated, rem

CVE-2025-20282 CRITICAL
10.0 Jun 25

CVE-2025-20282 is a critical remote code execution vulnerability in Cisco ISE and ISE-PIC that allows unauthenticated at

CVE-2025-20286 CRITICAL
9.9 Jun 04

Default credentials in Cisco ISE cloud deployments on AWS/Azure/OCI. CVSS 9.9.

CVE-2022-20733 CRITICAL
9.8 Jun 15

A vulnerability in the login page of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacke

CVE-2024-20486 HIGH
8.8 Aug 21

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthentic

CVE-2024-20368 HIGH
8.8 Apr 03

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthentic

CVE-2023-20272 HIGH
8.8 Nov 21

A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, re

CVE-2023-20175 HIGH
8.8 Nov 01

A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command inje

CVE-2022-20962 HIGH
8.8 Nov 04

A vulnerability in the Localdisk Management feature of Cisco Identity Services Engine (ISE) could allow an authenticated

CVE-2022-20961 HIGH
8.8 Nov 04

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthentic

Share

CVE-2024-20332 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy