Johannes Ullrich, dean of analysis on the SANS Institute, mentioned, “Most probably, that is an XML Exterior Entity vulnerability.” Exterior entities, he defined, are an XML characteristic that instructs the parser to both learn native recordsdata or entry exterior URLs. On this case, an attacker may embed an exterior entity within the license file, instructing the XML parser to learn a confidential file and embrace it within the response. It is a frequent vulnerability in XML parsers, he mentioned, sometimes mitigated by disabling exterior entity parsing.
An attacker would have the ability to acquire learn entry to confidential recordsdata like configuration recordsdata, he added, and probably person credentials. Ullrich additionally mentioned an ISE administrator could have entry to plenty of the data, however they need to not have entry to person credentials.
The Cisco advisory says an attacker may exploit this vulnerability by importing a malicious file to the applying: “A profitable exploit may enable the attacker to learn arbitrary recordsdata from the underlying working system that might embrace delicate knowledge that ought to in any other case be inaccessible even to directors. To take advantage of this vulnerability, the attacker will need to have legitimate administrative credentials.”
