BugZero | Cisco BugID CSCwi66126 - ISE ERS API - Updating DACL does not modify last u...

OPERATIONAL DEFECT DATABASE

...

BugZero | Cisco BugID CSCwi66126 - ISE ERS API - Updating DACL does not modify last u...

Cisco - Defect ID: CSCwi66126

ISE ERS API - Updating DACL does not modify last update timestamp

Cisco - Defect ID: CSCwi66126

ISE ERS API - Updating DACL does not modify last update timestamp

Last updated on August 13th, 2024

BugZero Risk Score
6.1 Medium

Overall: 6.1

Severity: 6.4

Lifecycle: 9.1

Popularity: 4.6

What is the BugZero Risk Score?

Cisco Integration

Learn more about where this data comes from

Cisco Integration

Learn more

Bug Scrub Advisor

Streamline upgrades with automated vendor bug scrubs

Bug Scrub Advisor

Learn more

BugZero Enterprise

Wish you caught this bug sooner? Get proactive today.

BugZero Enterprise

Learn more

Bug Details

Description

Symptom

After modifying DACL contents via ERS API you do not observe the updated DACL on subsequent authentication attempts.

Conditions

- DACL updated via ERS API - At least one user remains connected with the original DACL contents applied.

Workaround

After modifying the DACL via ERS API log into ISE GUI and manually save the DACL again.

Further Problem Description

PSIRT Evaluation: The Cisco PSIRT has evaluated this issue and determined it does not meet the criteria for PSIRT ownership or involvement. This issue will be addressed via normal resolution channels. If you believe that there is new information that would cause a change in the severity of this issue, please contact psirt@cisco.com for another evaluation. Additional information on Cisco's security vulnerability policy can be found at the following URL: http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html

Change history

2024-08-13 Added: 003.001(000.907)

Top Cisco Defects

9.7Defect ID: CSCwj74769
After [non]pairwise key enabling and reboot, bfd ip and port mismatch on device.
9.7Defect ID: CSCwq31287
Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability
9.7Defect ID: CSCwc94466
Cisco ASA/FTD Firepower 2100 SSL/TLS Denial of Service Vulnerability
9.7Defect ID: CSCvq56135
C9200 stack member switches reset with reset reason as stack merge
9.7Defect ID: CSCvg76186
Cisco Smart Install Remote Code Execution and Denial of Service Vulnerability

Cisco Integration

Learn more about where this data comes from

Cisco Integration

Learn more

Bug Scrub Advisor

Streamline upgrades with automated vendor bug scrubs

Bug Scrub Advisor

Learn more

BugZero Enterprise

Wish you caught this bug sooner? Get proactive today.

BugZero Enterprise

Learn more

Ready to prevent the next vendor outage?

Get a demo

OPERATIONAL DEFECT DATABASE

Cisco - Defect ID: CSCwi66126

ISE ERS API - Updating DACL does not modify last update timestamp

Cisco - Defect ID: CSCwi66126

ISE ERS API - Updating DACL does not modify last update timestamp

Last updated on August 13th, 2024

BugZero Risk Score6.1 Medium

Bug Details

Symptom

Conditions

Workaround

Further Problem Description

Links

Top Cisco Defects

Ready to prevent the next vendor outage?

BugZero Risk Score
6.1 Medium