Johannes Ullrich, dean of analysis on the SANS Institute, stated, “Most definitely, that is an XML Exterior Entity vulnerability.” Exterior entities, he defined, are an XML function that instructs the parser to both learn native recordsdata or entry exterior URLs. On this case, an attacker might embed an exterior entity within the license file, instructing the XML parser to learn a confidential file and embody it within the response. It is a frequent vulnerability in XML parsers, he stated, sometimes mitigated by disabling exterior entity parsing.
An attacker would be capable to acquire learn entry to confidential recordsdata like configuration recordsdata, he added, and probably consumer credentials. Ullrich additionally stated an ISE administrator could have entry to quite a lot of the data, however they need to not have entry to consumer credentials.
The Cisco advisory says an attacker might exploit this vulnerability by importing a malicious file to the applying: “A profitable exploit might enable the attacker to learn arbitrary recordsdata from the underlying working system that might embody delicate information that ought to in any other case be inaccessible even to directors. To use this vulnerability, the attacker should have legitimate administrative credentials.”
