32 matches found
Cisco Identity Services Engine Remote Code Execution and Information Disclosure Vulnerabilities
Multiple vulnerabilities in Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow a remote attacker to achieve remote code execution or conduct information disclosure attacks on an affected device. For more information about these vulnerabilities, see the...
CVE-2026-20136
A vulnerability in the CLI of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, local attacker with administrative privileges to perform a command injection attack on the underlying operating system and elevate privileges to root. Th...
The command-line interface of the Cisco Identity Services Engine (ISE) management platform, as well as the Cisco ISE Passive Identity Connector (ISE-PIC) virtual authentication data collection device, are vulnerable. This vulnerability allows attackers to escalate their privileges.
The vulnerability of the command-line interface of the Cisco Identity Services Engine ISE management platform and the Cisco ISE Passive Identity Connector ISE-PIC virtual authentication data collection device is related to improper encoding or filtering of output data. Exploiting this vulnerabili...
The vulnerability in the web interface of the Cisco Identity Services Engine (ISE) and the Cisco ISE Passive Identity Connector (ISE-PIC), a virtual device for collecting user authentication data, allows a perpetrator to execute arbitrary code.
The vulnerability of the Cisco Identity Services Engine ISE web interface and the Cisco ISE Passive Identity Connector ISE-PIC virtual authentication data collection device is related to the lack of measures taken at the management level for data cleansing. Exploiting this vulnerability could all...
The vulnerability in the web interface of the Cisco Identity Services Engine (ISE) and the Cisco ISE Passive Identity Connector (ISE-PIC), a virtual device for collecting user authentication data, allows a perpetrator to execute arbitrary code.
The vulnerability of the Cisco Identity Services Engine ISE web interface and the Cisco ISE Passive Identity Connector ISE-PIC virtual authentication data collection device is related to an incorrect restriction on the path name to the restricted access directory. Exploiting this vulnerability...
EUVD-2026-22960
A vulnerability in the CLI of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, local attacker with administrative privileges to perform a command injection attack on the underlying operating system and elevate privileges to root. Th...
CVE-2026-20136
A vulnerability in the CLI of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, local attacker with administrative privileges to perform a command injection attack on the underlying operating system and elevate privileges to root. Th...
CVE-2026-20136 Cisco Identity Services Engine Authenticated Privilege Escalation Vulnerability
A vulnerability in the CLI of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, local attacker with administrative privileges to perform a command injection attack on the underlying operating system and elevate privileges to root. Th...
Cisco Identity Services Engine Remote Code Execution and Path Traversal Vulnerabilities
Multiple vulnerabilities in Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, remote attacker to achieve remote code execution or conduct path traversal attacks on an affected device. To exploit these vulnerabilities, the attacker mu...
PT-2026-33086
Name of the Vulnerable Software and Affected Versions Cisco Identity Services Engine ISE affected versions not specified Cisco ISE Passive Identity Connector ISE-PIC affected versions not specified Description Insufficient validation of user supplied input in the CLI allows an authenticated local...
VulnCheck KEV: CVE-2026-20029
A vulnerability in the licensing features of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, remote attacker with administrative privileges to gain access to sensitive information. This vulnerability is due to improper parsing of X...
The vulnerability in the web interface of the Cisco Identity Services Engine (ISE) and the Cisco ISE Passive Identity Connector (ISE-PIC), a virtual device for collecting user authentication data, allows attackers to carry out XSS attacks.
The vulnerability of the Cisco Identity Services Engine ISE web interface and the Cisco ISE Passive Identity Connector ISE-PIC virtual authentication data collection device is related to the failure to implement measures to neutralize HTML tags. Exploiting this vulnerability allows a malicious...
CVE-2026-20047
A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to...
EUVD-2026-2741
A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to...
CVE-2026-20047 Cisco Identity Services Engine Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to...
Cisco Identity Services Engine Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to...
Cisco Identity Services Engine and Cisco ISE Passive Identity Connector security vulnerabilities
Cisco Identity Services Engine Cisco ISE and Cisco ISE Passive Identity Connector are both products of the American company Cisco. Cisco Identity Services Engine is an Identity Services Engine ISE platform. This platform collects real-time information from networks, users, and devices, and develo...
The vulnerability of the Cisco Identity Services Engine (ISE) policy management platform and the Cisco ISE Passive Identity Connector (ISE-PIC) virtual authentication data collection device lies in the improper limitation on XML links to external objects. This allows attackers to load arbitrary files.
The vulnerability of the Cisco Identity Services Engine ISE policy management platform and the Cisco ISE Passive Identity Connector ISE-PIC virtual authentication data collection device is related to an incorrect limitation on XML references to external objects. Exploiting this vulnerability coul...
The vulnerability in the web interface of the Cisco Identity Services Engine (ISE) and the Cisco ISE Passive Identity Connector (ISE-PIC), a virtual device for collecting user authentication data, allows attackers to carry out XSS attacks.
The vulnerability of the Cisco Identity Services Engine ISE web interface and the Cisco ISE Passive Identity Connector ISE-PIC virtual authentication data collection device is related to the lack of security measures for the web page structure. Exploiting this vulnerability allows a malicious act...
The vulnerability in the web interface of the Cisco Identity Services Engine (ISE) and the Cisco ISE Passive Identity Connector (ISE-PIC), a virtual device for collecting user authentication data, allows attackers to carry out XSS attacks.
The vulnerability of the Cisco Identity Services Engine ISE web interface and the Cisco ISE Passive Identity Connector ISE-PIC virtual authentication data collection device is related to the lack of security measures for the web page structure. Exploiting this vulnerability allows a malicious act...