Cisco is warning users of a critical vulnerability (CVE-2011-3290) in its Identity Services Engine (ISE) The underlying database used by ISE contains three sets of default credentials that could be exploited by a remote attacker without end-user interaction. The company says that it will release a free update to the software to address the vulnerability on 30 September 2011; no temporary workaround is available. All hardware appliance and software-only versions of Cisco ISE prior to 1.0.4.MR2 are affected.
Source: https://thehackernews.com/2011/09/vulnerability-in-its-identity-services.html