Cisco ISE is a software-defined networking (SDN) solution that provides centralized management and control of network access across an enterprise. Cisco ISE provides centralized policy inclusion and enforcement across a wide range of access technologies and business use cases.

Cisco ISE has a feature called RADIUS that is used to authorize and/or authenticate users to/from different networks/services. Cisco ISE has been discovered to have a vulnerability in its implementation of the RADIUS protocol. This could allow an unauthenticated, remote attacker to cause Cisco ISE to stop processing RADIUS requests, resulting in authentication/authorization timeouts. Cisco has released software updates that address this vulnerability. The following table lists the Software versions that correct this vulnerability.



To determine what Software release you are running, consult the following table:

. To determine what Software release you are running, consult the following table: Cisco has received reports that when RADIUS requests are sent to Cisco ISE, the following occurs: An authentication request is received, but no response is received.

An authorization request is received, but no response is received.

An authentication request is received, but no response is received.

An authorization request is received, but no response is received

How to Become Confirmed of a Vulnerability

To receive a CVE identifier for this vulnerability, you need to provide Cisco with details of the vulnerability through one of the following methods:

Cisco Security Vulnerability Policy (CVSP)

Cisco Security Vulnerability Reporting Process (CSVRP)

Timeline

Published on: 04/06/2022 19:15:00 UTC
Last modified on: 04/14/2022 15:32:00 UTC

References