Search

Find a vulnerability

Search criteria

    18 vulnerabilities found for identity_services_engine_passive_identity_connector by cisco

    CVE-2026-20190 (GCVE-0-2026-20190)

    Vulnerability from nvd – Published: 2026-06-17 16:17 – Updated: 2026-06-17 17:16
    VLAI
    Title
    Cisco Identity Services Engine Information Disclosure Vulnerability
    Summary
    A vulnerability in Cisco ISE and ISE-PIC could allow an unauthenticated, remote attacker to view sensitive information on an affected device. This vulnerability is due to improper authorization checks when a resource is accessed. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain access to sensitive information, including hashed credentials that could be used in future attacks.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Identity Services Engine Software Affected: 3.4.0
    Affected: 3.4 Patch 1
    Affected: 3.4 Patch 2
    Affected: 3.4 Patch 3
    Affected: 3.5.0
    Affected: 3.4 Patch 4
    Affected: 3.5 Patch 1
    Affected: 3.4 Patch 5
    Affected: 3.5 Patch 2
    Create a notification for this product.
    Cisco Cisco ISE Passive Identity Connector Affected: 3.4.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-20190",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-17T17:14:11.061077Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-17T17:16:45.425Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Identity Services Engine Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.4.0"
                },
                {
                  "status": "affected",
                  "version": "3.4 Patch 1"
                },
                {
                  "status": "affected",
                  "version": "3.4 Patch 2"
                },
                {
                  "status": "affected",
                  "version": "3.4 Patch 3"
                },
                {
                  "status": "affected",
                  "version": "3.5.0"
                },
                {
                  "status": "affected",
                  "version": "3.4 Patch 4"
                },
                {
                  "status": "affected",
                  "version": "3.5 Patch 1"
                },
                {
                  "status": "affected",
                  "version": "3.4 Patch 5"
                },
                {
                  "status": "affected",
                  "version": "3.5 Patch 2"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco ISE Passive Identity Connector",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.4.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in Cisco ISE and ISE-PIC could allow an unauthenticated, remote attacker to view sensitive information on an affected device.\r\n\r\nThis vulnerability is due to improper authorization checks when a resource is accessed. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain access to sensitive information, including hashed credentials that could be used in future attacks."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-285",
                  "description": "Improper Authorization",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-17T16:17:04.911Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-ise-multi-G5WP8vv",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-G5WP8vv"
            }
          ],
          "source": {
            "advisory": "cisco-sa-ise-multi-G5WP8vv",
            "defects": [
              "CSCwt22936"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Identity Services Engine Information Disclosure Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2026-20190",
        "datePublished": "2026-06-17T16:17:04.911Z",
        "dateReserved": "2025-10-08T11:59:15.395Z",
        "dateUpdated": "2026-06-17T17:16:45.425Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-20181 (GCVE-0-2026-20181)

    Vulnerability from nvd – Published: 2026-06-17 16:16 – Updated: 2026-06-18 03:56
    VLAI
    Title
    Cisco Identity Services Engine Remote Code Execution Vulnerability
    Summary
    A vulnerability in Cisco ISE and ISE-PIC could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to obtain user-level access to the underlying operating system and then elevate privileges to root. In single-node deployments, successful exploitation of this vulnerability could cause the affected ISE node to become unavailable, resulting in a denial of service (DoS) condition. In that condition, endpoints that have not already authenticated would be unable to access the network until the node is restored.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Identity Services Engine Software Affected: 3.1.0
    Affected: 3.1.0 p1
    Affected: 3.1.0 p3
    Affected: 3.1.0 p2
    Affected: 3.2.0
    Affected: 3.1.0 p4
    Affected: 3.1.0 p5
    Affected: 3.2.0 p1
    Affected: 3.1.0 p6
    Affected: 3.2.0 p2
    Affected: 3.1.0 p7
    Affected: 3.3.0
    Affected: 3.2.0 p3
    Affected: 3.2.0 p4
    Affected: 3.1.0 p8
    Affected: 3.2.0 p5
    Affected: 3.2.0 p6
    Affected: 3.1.0 p9
    Affected: 3.3 Patch 2
    Affected: 3.3 Patch 1
    Affected: 3.3 Patch 3
    Affected: 3.4.0
    Affected: 3.2.0 p7
    Affected: 3.3 Patch 4
    Affected: 3.4 Patch 1
    Affected: 3.1.0 p10
    Affected: 3.3 Patch 5
    Affected: 3.3 Patch 6
    Affected: 3.4 Patch 2
    Affected: 3.3 Patch 7
    Affected: 3.4 Patch 3
    Affected: 3.5.0
    Affected: 3.4 Patch 4
    Affected: 3.3 Patch 8
    Affected: 3.2 Patch 8
    Affected: 3.5 Patch 1
    Affected: 3.3 Patch 9
    Affected: 3.2 Patch 9
    Affected: 3.4 Patch 5
    Affected: 3.5 Patch 3
    Affected: 3.5 Patch 2
    Affected: 3.3 Patch 10
    Affected: 3.2 Patch 10
    Affected: 3.1.0 p11
    Create a notification for this product.
    Cisco Cisco ISE Passive Identity Connector Affected: 3.2.0
    Affected: 3.1.0
    Affected: 3.3.0
    Affected: 3.4.0
    Affected: 3.5.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-20181",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-17T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-18T03:56:44.983Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Identity Services Engine Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.1.0"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p1"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p3"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p2"
                },
                {
                  "status": "affected",
                  "version": "3.2.0"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p4"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p5"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p1"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p6"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p2"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p7"
                },
                {
                  "status": "affected",
                  "version": "3.3.0"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p3"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p4"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p8"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p5"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p6"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p9"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 2"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 1"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 3"
                },
                {
                  "status": "affected",
                  "version": "3.4.0"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p7"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 4"
                },
                {
                  "status": "affected",
                  "version": "3.4 Patch 1"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p10"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 5"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 6"
                },
                {
                  "status": "affected",
                  "version": "3.4 Patch 2"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 7"
                },
                {
                  "status": "affected",
                  "version": "3.4 Patch 3"
                },
                {
                  "status": "affected",
                  "version": "3.5.0"
                },
                {
                  "status": "affected",
                  "version": "3.4 Patch 4"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 8"
                },
                {
                  "status": "affected",
                  "version": "3.2 Patch 8"
                },
                {
                  "status": "affected",
                  "version": "3.5 Patch 1"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 9"
                },
                {
                  "status": "affected",
                  "version": "3.2 Patch 9"
                },
                {
                  "status": "affected",
                  "version": "3.4 Patch 5"
                },
                {
                  "status": "affected",
                  "version": "3.5 Patch 3"
                },
                {
                  "status": "affected",
                  "version": "3.5 Patch 2"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 10"
                },
                {
                  "status": "affected",
                  "version": "3.2 Patch 10"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p11"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco ISE Passive Identity Connector",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.2.0"
                },
                {
                  "status": "affected",
                  "version": "3.1.0"
                },
                {
                  "status": "affected",
                  "version": "3.3.0"
                },
                {
                  "status": "affected",
                  "version": "3.4.0"
                },
                {
                  "status": "affected",
                  "version": "3.5.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in Cisco ISE and ISE-PIC could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to obtain user-level access to the underlying operating system and then elevate privileges to root. In single-node deployments, successful exploitation of this vulnerability could cause the affected ISE node to become unavailable, resulting in a denial of service (DoS) condition. In that condition, endpoints that have not already authenticated would be unable to access the network until the node is restored."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-17T16:16:56.706Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-ise-multi-G5WP8vv",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-G5WP8vv"
            }
          ],
          "source": {
            "advisory": "cisco-sa-ise-multi-G5WP8vv",
            "defects": [
              "CSCwt22913"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Identity Services Engine Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2026-20181",
        "datePublished": "2026-06-17T16:16:56.706Z",
        "dateReserved": "2025-10-08T11:59:15.393Z",
        "dateUpdated": "2026-06-18T03:56:44.983Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-20337 (GCVE-0-2025-20337)

    Vulnerability from nvd – Published: 2025-07-16 16:17 – Updated: 2026-02-26 17:50
    VLAI CISA KEVIntel
    Title
    Cisco ISE API Unauthenticated Remote Code Execution Vulnerability
    Summary
    A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system as root. The attacker does not require any valid credentials to exploit this vulnerability. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted API request. A successful exploit could allow the attacker to obtain root privileges on an affected device.
    SSVC
    Exploitation: active Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Identity Services Engine Software Affected: 3.3.0
    Affected: 3.3 Patch 2
    Affected: 3.3 Patch 1
    Affected: 3.3 Patch 3
    Affected: 3.4.0
    Affected: 3.3 Patch 4
    Affected: 3.4 Patch 1
    Affected: 3.3 Patch 5
    Affected: 3.3 Patch 6
    Create a notification for this product.
    Cisco Cisco ISE Passive Identity Connector Affected: 3.2.0
    Affected: 3.1.0
    Affected: 3.3.0
    Affected: 3.4.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20337",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-26T03:55:52.398837Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2025-07-28",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-20337"
                  },
                  "type": "kev"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:50:30.400Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-20337"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2025-07-28T00:00:00.000Z",
                "value": "CVE-2025-20337 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Identity Services Engine Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.3.0"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 2"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 1"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 3"
                },
                {
                  "status": "affected",
                  "version": "3.4.0"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 4"
                },
                {
                  "status": "affected",
                  "version": "3.4 Patch 1"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 5"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 6"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco ISE Passive Identity Connector",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.2.0"
                },
                {
                  "status": "affected",
                  "version": "3.1.0"
                },
                {
                  "status": "affected",
                  "version": "3.3.0"
                },
                {
                  "status": "affected",
                  "version": "3.4.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system as root. The attacker does not require any valid credentials to exploit this vulnerability.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted API request. A successful exploit could allow the attacker to obtain root privileges on an affected device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "In July 2025, the Cisco PSIRT became aware of attempted exploitation of this vulnerability in the wild. Cisco continues to strongly recommend that customers upgrade to a fixed software release to remediate these vulnerabilities."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 10,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-74",
                  "description": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-07-25T12:26:22.077Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-ise-unauth-rce-ZAd2GnJ6",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-unauth-rce-ZAd2GnJ6"
            }
          ],
          "source": {
            "advisory": "cisco-sa-ise-unauth-rce-ZAd2GnJ6",
            "defects": [
              "CSCwo99449"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco ISE API Unauthenticated Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20337",
        "datePublished": "2025-07-16T16:17:04.664Z",
        "dateReserved": "2024-10-10T19:15:13.255Z",
        "dateUpdated": "2026-02-26T17:50:30.400Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-20285 (GCVE-0-2025-20285)

    Vulnerability from nvd – Published: 2025-07-16 16:16 – Updated: 2026-02-26 17:50
    VLAI
    Title
    Cisco Identity Services Engine IP Filter Access Restriction for Admin Access Configuration Bypass Vulnerability
    Summary
    A vulnerability in the IP Access Restriction feature of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to bypass configured IP access restrictions and log in to the device from a disallowed IP address. This vulnerability is due to improper enforcement of access controls that are configured using the IP Access Restriction feature. An attacker could exploit this vulnerability by logging in to the API from an unauthorized source IP address. A successful exploit could allow the attacker to gain access to the targeted device from an IP address that should have been restricted. To exploit this vulnerability, the attacker must have valid administrative credentials.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-302 - Authentication Bypass by Assumed-Immutable Data
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Identity Services Engine Software Affected: 3.1.0
    Affected: 3.1.0 p1
    Affected: 3.1.0 p3
    Affected: 3.1.0 p2
    Affected: 3.2.0
    Affected: 3.1.0 p4
    Affected: 3.1.0 p5
    Affected: 3.2.0 p1
    Affected: 3.1.0 p6
    Affected: 3.2.0 p2
    Affected: 3.1.0 p7
    Affected: 3.3.0
    Affected: 3.2.0 p3
    Affected: 3.2.0 p4
    Affected: 3.1.0 p8
    Affected: 3.2.0 p5
    Affected: 3.2.0 p6
    Affected: 3.1.0 p9
    Affected: 3.3 Patch 2
    Affected: 3.3 Patch 1
    Affected: 3.3 Patch 3
    Affected: 3.4.0
    Affected: 3.2.0 p7
    Affected: 3.3 Patch 4
    Affected: 3.4 Patch 1
    Affected: 3.1.0 p10
    Affected: 3.3 Patch 5
    Affected: 3.3 Patch 6
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20285",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-17T03:55:53.094512Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:50:30.825Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Identity Services Engine Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.1.0"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p1"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p3"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p2"
                },
                {
                  "status": "affected",
                  "version": "3.2.0"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p4"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p5"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p1"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p6"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p2"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p7"
                },
                {
                  "status": "affected",
                  "version": "3.3.0"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p3"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p4"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p8"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p5"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p6"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p9"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 2"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 1"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 3"
                },
                {
                  "status": "affected",
                  "version": "3.4.0"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p7"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 4"
                },
                {
                  "status": "affected",
                  "version": "3.4 Patch 1"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p10"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 5"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 6"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the IP Access Restriction feature of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to bypass configured IP access restrictions and log in to the device from a disallowed IP address.\r\n\r\nThis vulnerability is due to improper enforcement of access controls that are configured using the IP Access Restriction feature. An attacker could exploit this vulnerability by logging in to the API from an unauthorized source IP address. A successful exploit could allow the attacker to gain access to the targeted device from an IP address that should have been restricted. To exploit this vulnerability, the attacker must have valid administrative credentials."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-302",
                  "description": "Authentication Bypass by Assumed-Immutable Data",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-07-16T16:16:56.155Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-ise-multi-3VpsXOxO",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-3VpsXOxO"
            }
          ],
          "source": {
            "advisory": "cisco-sa-ise-multi-3VpsXOxO",
            "defects": [
              "CSCwp02811"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Identity Services Engine IP Filter Access Restriction for Admin Access Configuration Bypass Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20285",
        "datePublished": "2025-07-16T16:16:56.155Z",
        "dateReserved": "2024-10-10T19:15:13.249Z",
        "dateUpdated": "2026-02-26T17:50:30.825Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-20284 (GCVE-0-2025-20284)

    Vulnerability from nvd – Published: 2025-07-16 16:16 – Updated: 2026-02-26 17:50
    VLAI
    Title
    Cisco Identity Services Engine Authenticated Remote Code Execution Vulnerability
    Summary
    A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system as root. This vulnerability is due to insufficient validation of user-supplied input. An attacker with valid credentials could exploit this vulnerability by submitting a crafted API request. A successful exploit could allow the attacker to execute commands as the root user. To exploit this vulnerability, the attacker must have valid high-privileged credentials.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Identity Services Engine Software Affected: 3.3.0
    Affected: 3.3 Patch 2
    Affected: 3.3 Patch 1
    Affected: 3.3 Patch 3
    Affected: 3.4.0
    Affected: 3.3 Patch 4
    Affected: 3.4 Patch 1
    Affected: 3.3 Patch 5
    Affected: 3.3 Patch 6
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20284",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-17T03:55:50.843551Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:50:31.157Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Identity Services Engine Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.3.0"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 2"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 1"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 3"
                },
                {
                  "status": "affected",
                  "version": "3.4.0"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 4"
                },
                {
                  "status": "affected",
                  "version": "3.4 Patch 1"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 5"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 6"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system as root.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input. An attacker with valid credentials could exploit this vulnerability by submitting a crafted API request. A successful exploit could allow the attacker to execute commands as the root user. To exploit this vulnerability, the attacker must have valid high-privileged credentials."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-74",
                  "description": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-07-16T16:16:46.479Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-ise-multi-3VpsXOxO",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-3VpsXOxO"
            }
          ],
          "source": {
            "advisory": "cisco-sa-ise-multi-3VpsXOxO",
            "defects": [
              "CSCwp02819"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Identity Services Engine Authenticated Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20284",
        "datePublished": "2025-07-16T16:16:46.479Z",
        "dateReserved": "2024-10-10T19:15:13.249Z",
        "dateUpdated": "2026-02-26T17:50:31.157Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-20283 (GCVE-0-2025-20283)

    Vulnerability from nvd – Published: 2025-07-16 16:16 – Updated: 2026-02-26 17:50
    VLAI
    Title
    Cisco Identity Services Engine Authenticated Remote Code Execution Vulnerability
    Summary
    A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system as root. This vulnerability is due to insufficient validation of user-supplied input. An attacker with valid credentials could exploit this vulnerability by submitting a crafted API request. A successful exploit could allow the attacker to execute commands as the root user. To exploit this vulnerability, the attacker must have valid high-privileged credentials.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Identity Services Engine Software Affected: 3.3.0
    Affected: 3.3 Patch 2
    Affected: 3.3 Patch 1
    Affected: 3.3 Patch 3
    Affected: 3.4.0
    Affected: 3.3 Patch 4
    Affected: 3.4 Patch 1
    Affected: 3.3 Patch 5
    Affected: 3.3 Patch 6
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20283",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-17T03:55:52.031348Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:50:31.510Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Identity Services Engine Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.3.0"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 2"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 1"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 3"
                },
                {
                  "status": "affected",
                  "version": "3.4.0"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 4"
                },
                {
                  "status": "affected",
                  "version": "3.4 Patch 1"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 5"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 6"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system as root.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input. An attacker with valid credentials could exploit this vulnerability by submitting a crafted API request. A successful exploit could allow the attacker to execute commands as the root user. To exploit this vulnerability, the attacker must have valid high-privileged credentials."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-74",
                  "description": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-07-16T16:16:37.827Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-ise-multi-3VpsXOxO",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-3VpsXOxO"
            }
          ],
          "source": {
            "advisory": "cisco-sa-ise-multi-3VpsXOxO",
            "defects": [
              "CSCwp02806"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Identity Services Engine Authenticated Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20283",
        "datePublished": "2025-07-16T16:16:37.827Z",
        "dateReserved": "2024-10-10T19:15:13.249Z",
        "dateUpdated": "2026-02-26T17:50:31.510Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-20282 (GCVE-0-2025-20282)

    Vulnerability from nvd – Published: 2025-06-25 16:29 – Updated: 2026-02-26 17:50
    VLAI KEVIntel
    Title
    Cisco ISE API Unauthenticated Remote Code Execution Vulnerability
    Summary
    A vulnerability in an internal API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device and then execute those files on the underlying operating system as root. This vulnerability is due a lack of file validation checks that would prevent uploaded files from being placed in privileged directories on an affected system. An attacker could exploit this vulnerability by uploading a crafted file to the affected device. A successful exploit could allow the attacker to store malicious files on the affected system and then execute arbitrary code or obtain root privileges on the system.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-269 - Improper Privilege Management
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Identity Services Engine Software Affected: 3.4.0
    Affected: 3.4 Patch 1
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20282",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-26T03:55:26.461128Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:50:23.927Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Identity Services Engine Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.4.0"
                },
                {
                  "status": "affected",
                  "version": "3.4 Patch 1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in an internal API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device and then execute those files on the underlying operating system as root.\r\n\r\nThis vulnerability is due a lack of file validation checks that would prevent uploaded files from being placed in privileged directories on an affected system. An attacker could exploit this vulnerability by uploading a crafted file to the affected device. A successful exploit could allow the attacker to store malicious files on the affected system and then execute arbitrary code or obtain root privileges on the system."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of this vulnerability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 10,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "Improper Privilege Management",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-07-25T12:26:24.545Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-ise-unauth-rce-ZAd2GnJ6",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-unauth-rce-ZAd2GnJ6"
            }
          ],
          "source": {
            "advisory": "cisco-sa-ise-unauth-rce-ZAd2GnJ6",
            "defects": [
              "CSCwp02821"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco ISE API Unauthenticated Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20282",
        "datePublished": "2025-06-25T16:29:12.357Z",
        "dateReserved": "2024-10-10T19:15:13.248Z",
        "dateUpdated": "2026-02-26T17:50:23.927Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-20281 (GCVE-0-2025-20281)

    Vulnerability from nvd – Published: 2025-06-25 16:11 – Updated: 2026-02-26 17:50
    Title
    Cisco ISE API Unauthenticated Remote Code Execution Vulnerability
    Summary
    A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system as root. The attacker does not require any valid credentials to exploit this vulnerability. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted API request. A successful exploit could allow the attacker to obtain root privileges on an affected device.
    SSVC
    Exploitation: active Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Identity Services Engine Software Affected: 3.3.0
    Affected: 3.3 Patch 2
    Affected: 3.3 Patch 1
    Affected: 3.3 Patch 3
    Affected: 3.4.0
    Affected: 3.3 Patch 4
    Affected: 3.4 Patch 1
    Affected: 3.3 Patch 5
    Affected: 3.3 Patch 6
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20281",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-26T03:55:51.221716Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2025-07-28",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-20281"
                  },
                  "type": "kev"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:50:24.202Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit",
                  "technical-description"
                ],
                "url": "https://www.zerodayinitiative.com/blog/2025/7/24/cve-2025-20281-cisco-ise-api-unauthenticated-remote-code-execution-vulnerability"
              },
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-20281"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2025-07-28T00:00:00.000Z",
                "value": "CVE-2025-20281 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Identity Services Engine Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.3.0"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 2"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 1"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 3"
                },
                {
                  "status": "affected",
                  "version": "3.4.0"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 4"
                },
                {
                  "status": "affected",
                  "version": "3.4 Patch 1"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 5"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 6"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system as root. The attacker does not require any valid credentials to exploit this vulnerability.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted API request. A successful exploit could allow the attacker to obtain root privileges on an affected device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "In July 2025, the Cisco PSIRT became aware of attempted exploitation of this vulnerability in the wild. Cisco continues to strongly recommend that customers upgrade to a fixed software release to remediate these vulnerabilities."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 10,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-74",
                  "description": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-07-25T12:26:24.542Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-ise-unauth-rce-ZAd2GnJ6",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-unauth-rce-ZAd2GnJ6"
            }
          ],
          "source": {
            "advisory": "cisco-sa-ise-unauth-rce-ZAd2GnJ6",
            "defects": [
              "CSCwo99449"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco ISE API Unauthenticated Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20281",
        "datePublished": "2025-06-25T16:11:42.285Z",
        "dateReserved": "2024-10-10T19:15:13.247Z",
        "dateUpdated": "2026-02-26T17:50:24.202Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-20130 (GCVE-0-2025-20130)

    Vulnerability from nvd – Published: 2025-06-04 16:17 – Updated: 2025-06-23 20:27
    VLAI
    Title
    Cisco Identity Services Engine Access Control Bypass Vulnerability
    Summary
    A vulnerability in the API of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker with administrative privileges to upload files to an affected device. This vulnerability is due to improper validation of the file copy function. An attacker could exploit this vulnerability by sending a crafted file upload request to a specific API endpoint. A successful exploit could allow the attacker to upload arbitrary files to an affected system.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-284 - Improper Access Control
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Identity Services Engine Software Affected: 3.0.0
    Affected: 3.0.0 p1
    Affected: 3.0.0 p2
    Affected: 3.0.0 p3
    Affected: 3.1.0
    Affected: 3.0.0 p4
    Affected: 3.1.0 p1
    Affected: 3.0.0 p5
    Affected: 3.1.0 p3
    Affected: 3.1.0 p2
    Affected: 3.0.0 p6
    Affected: 3.2.0
    Affected: 3.1.0 p4
    Affected: 2.7.0 p8
    Affected: 3.1.0 p5
    Affected: 3.2.0 p1
    Affected: 3.0.0 p7
    Affected: 3.1.0 p6
    Affected: 3.2.0 p2
    Affected: 3.1.0 p7
    Affected: 3.3.0
    Affected: 3.2.0 p3
    Affected: 3.0.0 p8
    Affected: 3.2.0 p4
    Affected: 3.1.0 p8
    Affected: 3.2.0 p5
    Affected: 3.2.0 p6
    Affected: 3.1.0 p9
    Affected: 3.3 Patch 2
    Affected: 3.3 Patch 1
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20130",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-04T18:13:24.858171Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-04T18:20:23.800Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Identity Services Engine Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.0.0"
                },
                {
                  "status": "affected",
                  "version": "3.0.0 p1"
                },
                {
                  "status": "affected",
                  "version": "3.0.0 p2"
                },
                {
                  "status": "affected",
                  "version": "3.0.0 p3"
                },
                {
                  "status": "affected",
                  "version": "3.1.0"
                },
                {
                  "status": "affected",
                  "version": "3.0.0 p4"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p1"
                },
                {
                  "status": "affected",
                  "version": "3.0.0 p5"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p3"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p2"
                },
                {
                  "status": "affected",
                  "version": "3.0.0 p6"
                },
                {
                  "status": "affected",
                  "version": "3.2.0"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p4"
                },
                {
                  "status": "affected",
                  "version": "2.7.0 p8"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p5"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p1"
                },
                {
                  "status": "affected",
                  "version": "3.0.0 p7"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p6"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p2"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p7"
                },
                {
                  "status": "affected",
                  "version": "3.3.0"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p3"
                },
                {
                  "status": "affected",
                  "version": "3.0.0 p8"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p4"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p8"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p5"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p6"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p9"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 2"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the API of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker with administrative privileges to upload files to an affected device.\r\n\r\nThis vulnerability is due to improper validation of the file copy function. An attacker could exploit this vulnerability by sending a crafted file upload request to a specific API endpoint. A successful exploit could allow the attacker to upload arbitrary files to an affected system."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerability described in this advisory.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "Improper Access Control",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-23T20:27:53.961Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-ise-file-upload-P4M8vwXY",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-file-upload-P4M8vwXY"
            }
          ],
          "source": {
            "advisory": "cisco-sa-ise-file-upload-P4M8vwXY",
            "defects": [
              "CSCwj33565"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Identity Services Engine Access Control Bypass Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20130",
        "datePublished": "2025-06-04T16:17:27.311Z",
        "dateReserved": "2024-10-10T19:15:13.212Z",
        "dateUpdated": "2025-06-23T20:27:53.961Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2026-20190 (GCVE-0-2026-20190)

    Vulnerability from cvelistv5 – Published: 2026-06-17 16:17 – Updated: 2026-06-17 17:16
    VLAI
    Title
    Cisco Identity Services Engine Information Disclosure Vulnerability
    Summary
    A vulnerability in Cisco ISE and ISE-PIC could allow an unauthenticated, remote attacker to view sensitive information on an affected device. This vulnerability is due to improper authorization checks when a resource is accessed. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain access to sensitive information, including hashed credentials that could be used in future attacks.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Identity Services Engine Software Affected: 3.4.0
    Affected: 3.4 Patch 1
    Affected: 3.4 Patch 2
    Affected: 3.4 Patch 3
    Affected: 3.5.0
    Affected: 3.4 Patch 4
    Affected: 3.5 Patch 1
    Affected: 3.4 Patch 5
    Affected: 3.5 Patch 2
    Create a notification for this product.
    Cisco Cisco ISE Passive Identity Connector Affected: 3.4.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-20190",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-17T17:14:11.061077Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-17T17:16:45.425Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Identity Services Engine Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.4.0"
                },
                {
                  "status": "affected",
                  "version": "3.4 Patch 1"
                },
                {
                  "status": "affected",
                  "version": "3.4 Patch 2"
                },
                {
                  "status": "affected",
                  "version": "3.4 Patch 3"
                },
                {
                  "status": "affected",
                  "version": "3.5.0"
                },
                {
                  "status": "affected",
                  "version": "3.4 Patch 4"
                },
                {
                  "status": "affected",
                  "version": "3.5 Patch 1"
                },
                {
                  "status": "affected",
                  "version": "3.4 Patch 5"
                },
                {
                  "status": "affected",
                  "version": "3.5 Patch 2"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco ISE Passive Identity Connector",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.4.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in Cisco ISE and ISE-PIC could allow an unauthenticated, remote attacker to view sensitive information on an affected device.\r\n\r\nThis vulnerability is due to improper authorization checks when a resource is accessed. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain access to sensitive information, including hashed credentials that could be used in future attacks."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-285",
                  "description": "Improper Authorization",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-17T16:17:04.911Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-ise-multi-G5WP8vv",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-G5WP8vv"
            }
          ],
          "source": {
            "advisory": "cisco-sa-ise-multi-G5WP8vv",
            "defects": [
              "CSCwt22936"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Identity Services Engine Information Disclosure Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2026-20190",
        "datePublished": "2026-06-17T16:17:04.911Z",
        "dateReserved": "2025-10-08T11:59:15.395Z",
        "dateUpdated": "2026-06-17T17:16:45.425Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-20181 (GCVE-0-2026-20181)

    Vulnerability from cvelistv5 – Published: 2026-06-17 16:16 – Updated: 2026-06-18 03:56
    VLAI
    Title
    Cisco Identity Services Engine Remote Code Execution Vulnerability
    Summary
    A vulnerability in Cisco ISE and ISE-PIC could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to obtain user-level access to the underlying operating system and then elevate privileges to root. In single-node deployments, successful exploitation of this vulnerability could cause the affected ISE node to become unavailable, resulting in a denial of service (DoS) condition. In that condition, endpoints that have not already authenticated would be unable to access the network until the node is restored.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Identity Services Engine Software Affected: 3.1.0
    Affected: 3.1.0 p1
    Affected: 3.1.0 p3
    Affected: 3.1.0 p2
    Affected: 3.2.0
    Affected: 3.1.0 p4
    Affected: 3.1.0 p5
    Affected: 3.2.0 p1
    Affected: 3.1.0 p6
    Affected: 3.2.0 p2
    Affected: 3.1.0 p7
    Affected: 3.3.0
    Affected: 3.2.0 p3
    Affected: 3.2.0 p4
    Affected: 3.1.0 p8
    Affected: 3.2.0 p5
    Affected: 3.2.0 p6
    Affected: 3.1.0 p9
    Affected: 3.3 Patch 2
    Affected: 3.3 Patch 1
    Affected: 3.3 Patch 3
    Affected: 3.4.0
    Affected: 3.2.0 p7
    Affected: 3.3 Patch 4
    Affected: 3.4 Patch 1
    Affected: 3.1.0 p10
    Affected: 3.3 Patch 5
    Affected: 3.3 Patch 6
    Affected: 3.4 Patch 2
    Affected: 3.3 Patch 7
    Affected: 3.4 Patch 3
    Affected: 3.5.0
    Affected: 3.4 Patch 4
    Affected: 3.3 Patch 8
    Affected: 3.2 Patch 8
    Affected: 3.5 Patch 1
    Affected: 3.3 Patch 9
    Affected: 3.2 Patch 9
    Affected: 3.4 Patch 5
    Affected: 3.5 Patch 3
    Affected: 3.5 Patch 2
    Affected: 3.3 Patch 10
    Affected: 3.2 Patch 10
    Affected: 3.1.0 p11
    Create a notification for this product.
    Cisco Cisco ISE Passive Identity Connector Affected: 3.2.0
    Affected: 3.1.0
    Affected: 3.3.0
    Affected: 3.4.0
    Affected: 3.5.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-20181",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-17T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-18T03:56:44.983Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Identity Services Engine Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.1.0"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p1"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p3"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p2"
                },
                {
                  "status": "affected",
                  "version": "3.2.0"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p4"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p5"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p1"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p6"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p2"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p7"
                },
                {
                  "status": "affected",
                  "version": "3.3.0"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p3"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p4"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p8"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p5"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p6"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p9"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 2"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 1"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 3"
                },
                {
                  "status": "affected",
                  "version": "3.4.0"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p7"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 4"
                },
                {
                  "status": "affected",
                  "version": "3.4 Patch 1"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p10"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 5"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 6"
                },
                {
                  "status": "affected",
                  "version": "3.4 Patch 2"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 7"
                },
                {
                  "status": "affected",
                  "version": "3.4 Patch 3"
                },
                {
                  "status": "affected",
                  "version": "3.5.0"
                },
                {
                  "status": "affected",
                  "version": "3.4 Patch 4"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 8"
                },
                {
                  "status": "affected",
                  "version": "3.2 Patch 8"
                },
                {
                  "status": "affected",
                  "version": "3.5 Patch 1"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 9"
                },
                {
                  "status": "affected",
                  "version": "3.2 Patch 9"
                },
                {
                  "status": "affected",
                  "version": "3.4 Patch 5"
                },
                {
                  "status": "affected",
                  "version": "3.5 Patch 3"
                },
                {
                  "status": "affected",
                  "version": "3.5 Patch 2"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 10"
                },
                {
                  "status": "affected",
                  "version": "3.2 Patch 10"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p11"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco ISE Passive Identity Connector",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.2.0"
                },
                {
                  "status": "affected",
                  "version": "3.1.0"
                },
                {
                  "status": "affected",
                  "version": "3.3.0"
                },
                {
                  "status": "affected",
                  "version": "3.4.0"
                },
                {
                  "status": "affected",
                  "version": "3.5.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in Cisco ISE and ISE-PIC could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to obtain user-level access to the underlying operating system and then elevate privileges to root. In single-node deployments, successful exploitation of this vulnerability could cause the affected ISE node to become unavailable, resulting in a denial of service (DoS) condition. In that condition, endpoints that have not already authenticated would be unable to access the network until the node is restored."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-17T16:16:56.706Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-ise-multi-G5WP8vv",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-G5WP8vv"
            }
          ],
          "source": {
            "advisory": "cisco-sa-ise-multi-G5WP8vv",
            "defects": [
              "CSCwt22913"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Identity Services Engine Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2026-20181",
        "datePublished": "2026-06-17T16:16:56.706Z",
        "dateReserved": "2025-10-08T11:59:15.393Z",
        "dateUpdated": "2026-06-18T03:56:44.983Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-20337 (GCVE-0-2025-20337)

    Vulnerability from cvelistv5 – Published: 2025-07-16 16:17 – Updated: 2026-02-26 17:50
    VLAI CISA KEVIntel
    Title
    Cisco ISE API Unauthenticated Remote Code Execution Vulnerability
    Summary
    A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system as root. The attacker does not require any valid credentials to exploit this vulnerability. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted API request. A successful exploit could allow the attacker to obtain root privileges on an affected device.
    SSVC
    Exploitation: active Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Identity Services Engine Software Affected: 3.3.0
    Affected: 3.3 Patch 2
    Affected: 3.3 Patch 1
    Affected: 3.3 Patch 3
    Affected: 3.4.0
    Affected: 3.3 Patch 4
    Affected: 3.4 Patch 1
    Affected: 3.3 Patch 5
    Affected: 3.3 Patch 6
    Create a notification for this product.
    Cisco Cisco ISE Passive Identity Connector Affected: 3.2.0
    Affected: 3.1.0
    Affected: 3.3.0
    Affected: 3.4.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20337",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-26T03:55:52.398837Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2025-07-28",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-20337"
                  },
                  "type": "kev"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:50:30.400Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-20337"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2025-07-28T00:00:00.000Z",
                "value": "CVE-2025-20337 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Identity Services Engine Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.3.0"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 2"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 1"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 3"
                },
                {
                  "status": "affected",
                  "version": "3.4.0"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 4"
                },
                {
                  "status": "affected",
                  "version": "3.4 Patch 1"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 5"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 6"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco ISE Passive Identity Connector",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.2.0"
                },
                {
                  "status": "affected",
                  "version": "3.1.0"
                },
                {
                  "status": "affected",
                  "version": "3.3.0"
                },
                {
                  "status": "affected",
                  "version": "3.4.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system as root. The attacker does not require any valid credentials to exploit this vulnerability.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted API request. A successful exploit could allow the attacker to obtain root privileges on an affected device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "In July 2025, the Cisco PSIRT became aware of attempted exploitation of this vulnerability in the wild. Cisco continues to strongly recommend that customers upgrade to a fixed software release to remediate these vulnerabilities."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 10,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-74",
                  "description": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-07-25T12:26:22.077Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-ise-unauth-rce-ZAd2GnJ6",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-unauth-rce-ZAd2GnJ6"
            }
          ],
          "source": {
            "advisory": "cisco-sa-ise-unauth-rce-ZAd2GnJ6",
            "defects": [
              "CSCwo99449"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco ISE API Unauthenticated Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20337",
        "datePublished": "2025-07-16T16:17:04.664Z",
        "dateReserved": "2024-10-10T19:15:13.255Z",
        "dateUpdated": "2026-02-26T17:50:30.400Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-20285 (GCVE-0-2025-20285)

    Vulnerability from cvelistv5 – Published: 2025-07-16 16:16 – Updated: 2026-02-26 17:50
    VLAI
    Title
    Cisco Identity Services Engine IP Filter Access Restriction for Admin Access Configuration Bypass Vulnerability
    Summary
    A vulnerability in the IP Access Restriction feature of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to bypass configured IP access restrictions and log in to the device from a disallowed IP address. This vulnerability is due to improper enforcement of access controls that are configured using the IP Access Restriction feature. An attacker could exploit this vulnerability by logging in to the API from an unauthorized source IP address. A successful exploit could allow the attacker to gain access to the targeted device from an IP address that should have been restricted. To exploit this vulnerability, the attacker must have valid administrative credentials.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-302 - Authentication Bypass by Assumed-Immutable Data
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Identity Services Engine Software Affected: 3.1.0
    Affected: 3.1.0 p1
    Affected: 3.1.0 p3
    Affected: 3.1.0 p2
    Affected: 3.2.0
    Affected: 3.1.0 p4
    Affected: 3.1.0 p5
    Affected: 3.2.0 p1
    Affected: 3.1.0 p6
    Affected: 3.2.0 p2
    Affected: 3.1.0 p7
    Affected: 3.3.0
    Affected: 3.2.0 p3
    Affected: 3.2.0 p4
    Affected: 3.1.0 p8
    Affected: 3.2.0 p5
    Affected: 3.2.0 p6
    Affected: 3.1.0 p9
    Affected: 3.3 Patch 2
    Affected: 3.3 Patch 1
    Affected: 3.3 Patch 3
    Affected: 3.4.0
    Affected: 3.2.0 p7
    Affected: 3.3 Patch 4
    Affected: 3.4 Patch 1
    Affected: 3.1.0 p10
    Affected: 3.3 Patch 5
    Affected: 3.3 Patch 6
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20285",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-17T03:55:53.094512Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:50:30.825Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Identity Services Engine Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.1.0"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p1"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p3"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p2"
                },
                {
                  "status": "affected",
                  "version": "3.2.0"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p4"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p5"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p1"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p6"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p2"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p7"
                },
                {
                  "status": "affected",
                  "version": "3.3.0"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p3"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p4"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p8"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p5"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p6"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p9"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 2"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 1"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 3"
                },
                {
                  "status": "affected",
                  "version": "3.4.0"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p7"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 4"
                },
                {
                  "status": "affected",
                  "version": "3.4 Patch 1"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p10"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 5"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 6"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the IP Access Restriction feature of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to bypass configured IP access restrictions and log in to the device from a disallowed IP address.\r\n\r\nThis vulnerability is due to improper enforcement of access controls that are configured using the IP Access Restriction feature. An attacker could exploit this vulnerability by logging in to the API from an unauthorized source IP address. A successful exploit could allow the attacker to gain access to the targeted device from an IP address that should have been restricted. To exploit this vulnerability, the attacker must have valid administrative credentials."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-302",
                  "description": "Authentication Bypass by Assumed-Immutable Data",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-07-16T16:16:56.155Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-ise-multi-3VpsXOxO",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-3VpsXOxO"
            }
          ],
          "source": {
            "advisory": "cisco-sa-ise-multi-3VpsXOxO",
            "defects": [
              "CSCwp02811"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Identity Services Engine IP Filter Access Restriction for Admin Access Configuration Bypass Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20285",
        "datePublished": "2025-07-16T16:16:56.155Z",
        "dateReserved": "2024-10-10T19:15:13.249Z",
        "dateUpdated": "2026-02-26T17:50:30.825Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-20284 (GCVE-0-2025-20284)

    Vulnerability from cvelistv5 – Published: 2025-07-16 16:16 – Updated: 2026-02-26 17:50
    VLAI
    Title
    Cisco Identity Services Engine Authenticated Remote Code Execution Vulnerability
    Summary
    A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system as root. This vulnerability is due to insufficient validation of user-supplied input. An attacker with valid credentials could exploit this vulnerability by submitting a crafted API request. A successful exploit could allow the attacker to execute commands as the root user. To exploit this vulnerability, the attacker must have valid high-privileged credentials.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Identity Services Engine Software Affected: 3.3.0
    Affected: 3.3 Patch 2
    Affected: 3.3 Patch 1
    Affected: 3.3 Patch 3
    Affected: 3.4.0
    Affected: 3.3 Patch 4
    Affected: 3.4 Patch 1
    Affected: 3.3 Patch 5
    Affected: 3.3 Patch 6
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20284",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-17T03:55:50.843551Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:50:31.157Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Identity Services Engine Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.3.0"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 2"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 1"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 3"
                },
                {
                  "status": "affected",
                  "version": "3.4.0"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 4"
                },
                {
                  "status": "affected",
                  "version": "3.4 Patch 1"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 5"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 6"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system as root.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input. An attacker with valid credentials could exploit this vulnerability by submitting a crafted API request. A successful exploit could allow the attacker to execute commands as the root user. To exploit this vulnerability, the attacker must have valid high-privileged credentials."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-74",
                  "description": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-07-16T16:16:46.479Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-ise-multi-3VpsXOxO",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-3VpsXOxO"
            }
          ],
          "source": {
            "advisory": "cisco-sa-ise-multi-3VpsXOxO",
            "defects": [
              "CSCwp02819"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Identity Services Engine Authenticated Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20284",
        "datePublished": "2025-07-16T16:16:46.479Z",
        "dateReserved": "2024-10-10T19:15:13.249Z",
        "dateUpdated": "2026-02-26T17:50:31.157Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-20283 (GCVE-0-2025-20283)

    Vulnerability from cvelistv5 – Published: 2025-07-16 16:16 – Updated: 2026-02-26 17:50
    VLAI
    Title
    Cisco Identity Services Engine Authenticated Remote Code Execution Vulnerability
    Summary
    A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system as root. This vulnerability is due to insufficient validation of user-supplied input. An attacker with valid credentials could exploit this vulnerability by submitting a crafted API request. A successful exploit could allow the attacker to execute commands as the root user. To exploit this vulnerability, the attacker must have valid high-privileged credentials.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Identity Services Engine Software Affected: 3.3.0
    Affected: 3.3 Patch 2
    Affected: 3.3 Patch 1
    Affected: 3.3 Patch 3
    Affected: 3.4.0
    Affected: 3.3 Patch 4
    Affected: 3.4 Patch 1
    Affected: 3.3 Patch 5
    Affected: 3.3 Patch 6
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20283",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-17T03:55:52.031348Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:50:31.510Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Identity Services Engine Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.3.0"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 2"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 1"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 3"
                },
                {
                  "status": "affected",
                  "version": "3.4.0"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 4"
                },
                {
                  "status": "affected",
                  "version": "3.4 Patch 1"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 5"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 6"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system as root.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input. An attacker with valid credentials could exploit this vulnerability by submitting a crafted API request. A successful exploit could allow the attacker to execute commands as the root user. To exploit this vulnerability, the attacker must have valid high-privileged credentials."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-74",
                  "description": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-07-16T16:16:37.827Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-ise-multi-3VpsXOxO",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-3VpsXOxO"
            }
          ],
          "source": {
            "advisory": "cisco-sa-ise-multi-3VpsXOxO",
            "defects": [
              "CSCwp02806"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Identity Services Engine Authenticated Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20283",
        "datePublished": "2025-07-16T16:16:37.827Z",
        "dateReserved": "2024-10-10T19:15:13.249Z",
        "dateUpdated": "2026-02-26T17:50:31.510Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-20282 (GCVE-0-2025-20282)

    Vulnerability from cvelistv5 – Published: 2025-06-25 16:29 – Updated: 2026-02-26 17:50
    VLAI KEVIntel
    Title
    Cisco ISE API Unauthenticated Remote Code Execution Vulnerability
    Summary
    A vulnerability in an internal API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device and then execute those files on the underlying operating system as root. This vulnerability is due a lack of file validation checks that would prevent uploaded files from being placed in privileged directories on an affected system. An attacker could exploit this vulnerability by uploading a crafted file to the affected device. A successful exploit could allow the attacker to store malicious files on the affected system and then execute arbitrary code or obtain root privileges on the system.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-269 - Improper Privilege Management
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Identity Services Engine Software Affected: 3.4.0
    Affected: 3.4 Patch 1
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20282",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-26T03:55:26.461128Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:50:23.927Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Identity Services Engine Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.4.0"
                },
                {
                  "status": "affected",
                  "version": "3.4 Patch 1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in an internal API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device and then execute those files on the underlying operating system as root.\r\n\r\nThis vulnerability is due a lack of file validation checks that would prevent uploaded files from being placed in privileged directories on an affected system. An attacker could exploit this vulnerability by uploading a crafted file to the affected device. A successful exploit could allow the attacker to store malicious files on the affected system and then execute arbitrary code or obtain root privileges on the system."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of this vulnerability."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 10,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "Improper Privilege Management",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-07-25T12:26:24.545Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-ise-unauth-rce-ZAd2GnJ6",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-unauth-rce-ZAd2GnJ6"
            }
          ],
          "source": {
            "advisory": "cisco-sa-ise-unauth-rce-ZAd2GnJ6",
            "defects": [
              "CSCwp02821"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco ISE API Unauthenticated Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20282",
        "datePublished": "2025-06-25T16:29:12.357Z",
        "dateReserved": "2024-10-10T19:15:13.248Z",
        "dateUpdated": "2026-02-26T17:50:23.927Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-20281 (GCVE-0-2025-20281)

    Vulnerability from cvelistv5 – Published: 2025-06-25 16:11 – Updated: 2026-02-26 17:50
    Title
    Cisco ISE API Unauthenticated Remote Code Execution Vulnerability
    Summary
    A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system as root. The attacker does not require any valid credentials to exploit this vulnerability. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted API request. A successful exploit could allow the attacker to obtain root privileges on an affected device.
    SSVC
    Exploitation: active Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Identity Services Engine Software Affected: 3.3.0
    Affected: 3.3 Patch 2
    Affected: 3.3 Patch 1
    Affected: 3.3 Patch 3
    Affected: 3.4.0
    Affected: 3.3 Patch 4
    Affected: 3.4 Patch 1
    Affected: 3.3 Patch 5
    Affected: 3.3 Patch 6
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20281",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-26T03:55:51.221716Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2025-07-28",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-20281"
                  },
                  "type": "kev"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:50:24.202Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit",
                  "technical-description"
                ],
                "url": "https://www.zerodayinitiative.com/blog/2025/7/24/cve-2025-20281-cisco-ise-api-unauthenticated-remote-code-execution-vulnerability"
              },
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-20281"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2025-07-28T00:00:00.000Z",
                "value": "CVE-2025-20281 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Identity Services Engine Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.3.0"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 2"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 1"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 3"
                },
                {
                  "status": "affected",
                  "version": "3.4.0"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 4"
                },
                {
                  "status": "affected",
                  "version": "3.4 Patch 1"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 5"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 6"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system as root. The attacker does not require any valid credentials to exploit this vulnerability.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted API request. A successful exploit could allow the attacker to obtain root privileges on an affected device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "In July 2025, the Cisco PSIRT became aware of attempted exploitation of this vulnerability in the wild. Cisco continues to strongly recommend that customers upgrade to a fixed software release to remediate these vulnerabilities."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 10,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-74",
                  "description": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-07-25T12:26:24.542Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-ise-unauth-rce-ZAd2GnJ6",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-unauth-rce-ZAd2GnJ6"
            }
          ],
          "source": {
            "advisory": "cisco-sa-ise-unauth-rce-ZAd2GnJ6",
            "defects": [
              "CSCwo99449"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco ISE API Unauthenticated Remote Code Execution Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20281",
        "datePublished": "2025-06-25T16:11:42.285Z",
        "dateReserved": "2024-10-10T19:15:13.247Z",
        "dateUpdated": "2026-02-26T17:50:24.202Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-20130 (GCVE-0-2025-20130)

    Vulnerability from cvelistv5 – Published: 2025-06-04 16:17 – Updated: 2025-06-23 20:27
    VLAI
    Title
    Cisco Identity Services Engine Access Control Bypass Vulnerability
    Summary
    A vulnerability in the API of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker with administrative privileges to upload files to an affected device. This vulnerability is due to improper validation of the file copy function. An attacker could exploit this vulnerability by sending a crafted file upload request to a specific API endpoint. A successful exploit could allow the attacker to upload arbitrary files to an affected system.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-284 - Improper Access Control
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Identity Services Engine Software Affected: 3.0.0
    Affected: 3.0.0 p1
    Affected: 3.0.0 p2
    Affected: 3.0.0 p3
    Affected: 3.1.0
    Affected: 3.0.0 p4
    Affected: 3.1.0 p1
    Affected: 3.0.0 p5
    Affected: 3.1.0 p3
    Affected: 3.1.0 p2
    Affected: 3.0.0 p6
    Affected: 3.2.0
    Affected: 3.1.0 p4
    Affected: 2.7.0 p8
    Affected: 3.1.0 p5
    Affected: 3.2.0 p1
    Affected: 3.0.0 p7
    Affected: 3.1.0 p6
    Affected: 3.2.0 p2
    Affected: 3.1.0 p7
    Affected: 3.3.0
    Affected: 3.2.0 p3
    Affected: 3.0.0 p8
    Affected: 3.2.0 p4
    Affected: 3.1.0 p8
    Affected: 3.2.0 p5
    Affected: 3.2.0 p6
    Affected: 3.1.0 p9
    Affected: 3.3 Patch 2
    Affected: 3.3 Patch 1
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20130",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-04T18:13:24.858171Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-04T18:20:23.800Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Identity Services Engine Software",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.0.0"
                },
                {
                  "status": "affected",
                  "version": "3.0.0 p1"
                },
                {
                  "status": "affected",
                  "version": "3.0.0 p2"
                },
                {
                  "status": "affected",
                  "version": "3.0.0 p3"
                },
                {
                  "status": "affected",
                  "version": "3.1.0"
                },
                {
                  "status": "affected",
                  "version": "3.0.0 p4"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p1"
                },
                {
                  "status": "affected",
                  "version": "3.0.0 p5"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p3"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p2"
                },
                {
                  "status": "affected",
                  "version": "3.0.0 p6"
                },
                {
                  "status": "affected",
                  "version": "3.2.0"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p4"
                },
                {
                  "status": "affected",
                  "version": "2.7.0 p8"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p5"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p1"
                },
                {
                  "status": "affected",
                  "version": "3.0.0 p7"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p6"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p2"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p7"
                },
                {
                  "status": "affected",
                  "version": "3.3.0"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p3"
                },
                {
                  "status": "affected",
                  "version": "3.0.0 p8"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p4"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p8"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p5"
                },
                {
                  "status": "affected",
                  "version": "3.2.0 p6"
                },
                {
                  "status": "affected",
                  "version": "3.1.0 p9"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 2"
                },
                {
                  "status": "affected",
                  "version": "3.3 Patch 1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the API of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker with administrative privileges to upload files to an affected device.\r\n\r\nThis vulnerability is due to improper validation of the file copy function. An attacker could exploit this vulnerability by sending a crafted file upload request to a specific API endpoint. A successful exploit could allow the attacker to upload arbitrary files to an affected system."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerability described in this advisory.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "Improper Access Control",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-23T20:27:53.961Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-ise-file-upload-P4M8vwXY",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-file-upload-P4M8vwXY"
            }
          ],
          "source": {
            "advisory": "cisco-sa-ise-file-upload-P4M8vwXY",
            "defects": [
              "CSCwj33565"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Identity Services Engine Access Control Bypass Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20130",
        "datePublished": "2025-06-04T16:17:27.311Z",
        "dateReserved": "2024-10-10T19:15:13.212Z",
        "dateUpdated": "2025-06-23T20:27:53.961Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }