cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Who Me Too'd this topic

CSCwh70696 - Cisco ISE Stored Cross-Site Scripting Vulnerability

adeelshahzad
Level 1
Level 1

Dear All,

Recently, there is a vulnerability found called cross-site scripting(CVE-2024-20251) in ISE and as per cisco article fixed release is mentioned below which is little confusing about the fixed version. For instance, who has 2.7 version so which version has vulnerability fix that is not clearly mentioned in below table.

Can someone address the same and mentioned the version which has the vulnerability fix for version 2.7.  Since in below table simply mentioned "Migrate to a fixed release" for 2.7 and 3.0 but which version has to migrate its no mentioned.

May be, I have missed something. Appreciate if someone can elaborate. Thanks.

Cisco ISE Release First Fixed Release

2.7 and earlier

Migrate to a fixed release.

3.0

Migrate to a fixed release.

3.1

3.1P8

3.2

3.2P5 (Mar 2024)

3.3

3.3P1

Who Me Too'd this topic