CVE-2017-12316

CVE Database · CVE-2017-12316

CVE-2017-12316

· N/AModified

CVSS v3.1

N/A

EPSS

2.03%

Published

Nov 16, 2017

Modified

May 12, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A vulnerability in the Guest Portal login page of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to perform multiple login attempts in excess of the configured login attempt limit. The vulnerability is due to insufficient server-side login attempt limit enforcement. An attacker could exploit this vulnerability by sending modified login attempts to the Guest Portal login page. An exploit could allow the attacker to perform brute-force password attacks on the ISE Guest Portal. Cisco Bug IDs: CSCve98518.

Weaknesses (CWE)

CWE-287CWE-307

Affected Products (1)

cisco · identity_services_engine_softwarevulnerable

References (6)

http://www.securityfocus.com/bid/101931

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1039830

Third Party AdvisoryVDB Entry

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-ise

Vendor Advisory

http://www.securityfocus.com/bid/101931

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1039830

Third Party AdvisoryVDB Entry

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-ise

KEV Catalog EPSS Scores Vendors All CVEs