How severe is CVE-2023-20111?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.5 out of 10.

What type of vulnerability is CVE-2023-20111?

This is classified as CWE-497, which is a common weakness in software security.

CVE-2023-20111 - MEDIUM Severity | CVSS 6.5

Vulnerability Description

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to access sensitive information. This vulnerability is due to the improper storage of sensitive information within the web-based management interface. An attacker could exploit this vulnerability by logging in to the web-based management interface and viewing hidden fields within the application. A successful exploit could allow the attacker to access sensitive information, including device entry credentials, that could aid the attacker in further attacks.

Related Vulnerabilities

CVE-2021-0291

MEDIUM

CVSS:6.5(Medium)

An Exposure of System Data vulnerability in Juniper Networks Junos OS and Junos OS Evolved, where a sensitive system-level resource is not being sufficiently protected, allows a network-based unauthen...

CWE-4972021

CVE-2022-2403

MEDIUM

CVSS:6.5(Medium)

A credentials leak was found in the OpenShift Container Platform. The private key for the external cluster certificate was stored incorrectly in the oauth-serving-cert ConfigMaps, and accessible to an...

CWE-4972022

CVE-2022-4968

MEDIUM

CVSS:6.5(Medium)

netplan leaks the private key of wireguard to local users. Versions after 1.0 are not affected.

CWE-4972022

CVE-2023-23472

MEDIUM

CVSS:6.5(Medium)

IBM InfoSphere DataStage Flow Designer (InfoSphere Information Server 11.7) could allow an authenticated user to obtain sensitive information that could aid in further attacks against the system.

CWE-4972023

CVE-2023-4605

MEDIUM

CVSS:6.5(Medium)

A valid authenticated Lenovo XClarity Administrator (LXCA) user can potentially leverage an unauthenticated API endpoint to retrieve system event information.

CWE-4972023

CVE-2023-50959

MEDIUM

CVSS:6.5(Medium)

IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2,19.0.1, 19.0.2, 19.0.3,20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1,2 2.0.2, 23.0.1, and 23.0.2 may allow end users to query more...

CWE-4972023