Cisco Security Advisory - Cisco Identity Services Engine RADIUS Service Denial of Service Vulnerability

[Netwörkheäd]

Cisco Identity Services Engine RADIUS Service Denial of Service Vulnerability

<p>A vulnerability in the RADIUS feature of Cisco&nbsp;Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause the affected system to stop processing RADIUS packets.</p>
<p>This vulnerability is due to improper handling of certain RADIUS requests. An attacker could exploit this vulnerability by attempting to authenticate to a network or a service where the access server is using Cisco&nbsp;ISE as the RADIUS server. A successful exploit could allow the attacker to cause Cisco&nbsp;ISE to stop processing RADIUS requests, causing authentication/authorization timeouts, which would then result in legitimate requests being denied access.</p>
<p><strong>Note:</strong> To recover the ability to process RADIUS packets, a manual restart of the affected Policy Service Node (PSN) is required. See the <a href="#details">Details</a> section for more information.</p>
<p>Cisco&nbsp;has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.</p>
<p>This advisory is available at the following link:<br><a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-dos-JLh9TxBp" target="_blank" rel="noopener">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-dos-JLh9TxBp</a></p>

     
         
Security Impact Rating:  High
   
   
       
CVE: CVE-2022-20756
Source: Cisco Identity Services Engine RADIUS Service Denial of Service Vulnerability