FKIE_CVE-2026-20193
Vulnerability from fkie_nvd - Published: 2026-05-06 17:16 - Updated: 2026-07-01 13:27
Severity
Summary
A vulnerability in the RADIUS Policy API endpoints of Cisco ISE could allow an authenticated, remote attacker with read-only Administrator privileges to gain unauthorized access to sensitive information on an affected device.
This vulnerability is due to improper role-based access control (RBAC) permissions on the RADIUS Policy API endpoints. An attacker could exploit this vulnerability by bypassing the web-based management interface and directly calling an affected endpoint. A successful exploit could allow the attacker to gain unauthorized read access to sensitive RADIUS Policy details that are restricted for their role.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | identity_services_engine | * | |
| cisco | identity_services_engine | 3.3.0 | |
| cisco | identity_services_engine | 3.3.0 | |
| cisco | identity_services_engine | 3.3.0 | |
| cisco | identity_services_engine | 3.3.0 | |
| cisco | identity_services_engine | 3.3.0 | |
| cisco | identity_services_engine | 3.3.0 | |
| cisco | identity_services_engine | 3.3.0 | |
| cisco | identity_services_engine | 3.3.0 | |
| cisco | identity_services_engine | 3.3.0 | |
| cisco | identity_services_engine | 3.3.0 | |
| cisco | identity_services_engine | 3.3.0 | |
| cisco | identity_services_engine | 3.4.0 | |
| cisco | identity_services_engine | 3.4.0 | |
| cisco | identity_services_engine | 3.4.0 | |
| cisco | identity_services_engine | 3.4.0 | |
| cisco | identity_services_engine | 3.4.0 | |
| cisco | identity_services_engine | 3.4.0 | |
| cisco | identity_services_engine | 3.5.0 | |
| cisco | identity_services_engine | 3.5.0 | |
| cisco | identity_services_engine | 3.5.0 |
{
"affected": [
{
"affectedData": [
{
"defaultStatus": "unknown",
"product": "Cisco Identity Services Engine Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.3.0"
},
{
"status": "affected",
"version": "3.3 Patch 2"
},
{
"status": "affected",
"version": "3.3 Patch 1"
},
{
"status": "affected",
"version": "3.3 Patch 3"
},
{
"status": "affected",
"version": "3.4.0"
},
{
"status": "affected",
"version": "3.3 Patch 4"
},
{
"status": "affected",
"version": "3.4 Patch 1"
},
{
"status": "affected",
"version": "3.3 Patch 5"
},
{
"status": "affected",
"version": "3.3 Patch 6"
},
{
"status": "affected",
"version": "3.4 Patch 2"
},
{
"status": "affected",
"version": "3.3 Patch 7"
},
{
"status": "affected",
"version": "3.4 Patch 3"
},
{
"status": "affected",
"version": "3.5.0"
},
{
"status": "affected",
"version": "3.4 Patch 4"
},
{
"status": "affected",
"version": "3.3 Patch 8"
},
{
"status": "affected",
"version": "3.5 Patch 1"
},
{
"status": "affected",
"version": "3.3 Patch 9"
},
{
"status": "affected",
"version": "3.4 Patch 5"
},
{
"status": "affected",
"version": "3.5 Patch 3"
},
{
"status": "affected",
"version": "3.5 Patch 2"
},
{
"status": "affected",
"version": "3.3 Patch 10"
}
]
}
],
"source": "psirt@cisco.com"
}
],
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F8D9766-8462-48B6-A997-EEF549569786",
"versionEndIncluding": "3.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.3.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F1B9C2C1-59A4-49A0-9B74-83CCB063E55D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch1:*:*:*:*:*:*",
"matchCriteriaId": "DFD29A0B-0D75-4EAB-BCE0-79450EC75DD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch10:*:*:*:*:*:*",
"matchCriteriaId": "43F3A55D-D4FC-4D93-9513-94B64B21A2B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch2:*:*:*:*:*:*",
"matchCriteriaId": "E6C94CC4-CC08-4DAF-A606-FDAFC92720A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch3:*:*:*:*:*:*",
"matchCriteriaId": "BB069EA3-7B8C-42B5-8035-2EE5ED3F56E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch4:*:*:*:*:*:*",
"matchCriteriaId": "FF8B81A6-BF44-4E5F-B167-39F61DDCA026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch5:*:*:*:*:*:*",
"matchCriteriaId": "56E0F0EC-3E66-4866-89F5-89B331F3F517",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch6:*:*:*:*:*:*",
"matchCriteriaId": "2E3E8937-2859-4A2A-91C0-05F674EF0466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch7:*:*:*:*:*:*",
"matchCriteriaId": "D4B14684-EB9E-405B-85FA-B62E57CB292C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch8:*:*:*:*:*:*",
"matchCriteriaId": "22B752D1-9E8F-4FB7-8EEB-F9234492372B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch9:*:*:*:*:*:*",
"matchCriteriaId": "85A1CC7D-FE54-4AC0-B98F-972C4B1F3189",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.4.0:-:*:*:*:*:*:*",
"matchCriteriaId": "D23905E0-E525-49B1-8E5F-4EB42D186768",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.4.0:patch1:*:*:*:*:*:*",
"matchCriteriaId": "74509498-38EF-4345-9583-CEF5C26CA1D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.4.0:patch2:*:*:*:*:*:*",
"matchCriteriaId": "CD05FF93-7B8C-4283-9DB7-E03FE98FAADF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.4.0:patch3:*:*:*:*:*:*",
"matchCriteriaId": "0F9B6A8E-E773-44A3-9266-878F0C58EB41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.4.0:patch4:*:*:*:*:*:*",
"matchCriteriaId": "D3727619-E0CA-4CA9-BE35-0C732BCF1741",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.4.0:patch5:*:*:*:*:*:*",
"matchCriteriaId": "2CFB7565-3930-409C-B5DB-CE77E6ED7C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.5.0:-:*:*:*:*:*:*",
"matchCriteriaId": "2610FD35-BC4B-41B7-9C92-E6E5264FEE54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.5.0:patch1:*:*:*:*:*:*",
"matchCriteriaId": "3FEE4377-B238-4442-9892-28CECFB2319E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.5.0:patch2:*:*:*:*:*:*",
"matchCriteriaId": "6598563B-7E32-43FB-96A7-88C53E4CE226",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the RADIUS Policy API endpoints of Cisco ISE could allow an\u0026nbsp;authenticated, remote attacker with read-only Administrator privileges to gain unauthorized access to sensitive information on an affected device.\r\n\r\nThis vulnerability is due to improper role-based access control (RBAC) permissions on the RADIUS Policy API endpoints. An attacker could exploit this vulnerability by bypassing the web-based management interface and directly calling an affected endpoint. A successful exploit could allow the attacker to gain unauthorized\u0026nbsp;read access to sensitive RADIUS Policy details that are restricted for their role."
}
],
"id": "CVE-2026-20193",
"lastModified": "2026-07-01T13:27:03.933",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "psirt@cisco.com",
"type": "Secondary"
}
],
"ssvcV203": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"ssvcData": {
"id": "CVE-2026-20193",
"options": [
{
"exploitation": "none"
},
{
"automatable": "no"
},
{
"technicalImpact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-06T17:35:13.146938Z",
"version": "2.0.3"
}
}
]
},
"published": "2026-05-06T17:16:21.500",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-unauth-bypass-uxjRXGpb"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…