CVE-2011-3290

critical Cisco
CVSS v3 Base Score
10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS Score
1.5%
Exploitation probability in 30 days
Top 19% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
C
Integrity
C
Availability
C
Published: September 21, 2011 (5348 days ago)
Last Modified: April 29, 2026
Vendor: Cisco
Source: NVD

Description

Cisco Identity Services Engine (ISE) before 1.0.4.MR2 has default Oracle database credentials, which allows remote attackers to modify settings or perform unspecified other administrative actions via unknown vectors, aka Bug ID CSCts59135.

CWE

CWE-255

Affected Products

cisco identity services enginecisco identity services engine software

References

🔗 secunia.com 🔗 www.cisco.com 🔗 www.securityfocus.com 🔗 www.securitytracker.com 🔗 exchange.xforce.ibmcloud.com