← Back to CVE List

CVE-2024-20515

Published: 2024-10-02T17:15Z
Last Modified: 2024-10-08T16:11Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information from an affected device. This vulnerability is due to a lack of proper data protection mechanisms for certain configuration settings. An attacker with Read-Only Administrator privileges could exploit this vulnerability by browsing to a page that contains sensitive data. A successful exploit could allow the attacker to view device credentials that are normally not visible to Read-Only Administrators. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt