Lucene search
K

32 matches found

Cisco
Cisco
added 2026/06/17 4:0 p.m.13 views

Cisco Identity Services Engine Remote Code Execution and Information Disclosure Vulnerabilities

Multiple vulnerabilities in Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow a remote attacker to achieve remote code execution or conduct information disclosure attacks on an affected device. For more information about these vulnerabilities, see the...

9.1CVSS6.3AI score0.00748EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:29 p.m.11 views

CVE-2026-20136

A vulnerability in the CLI of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, local attacker with administrative privileges to perform a command injection attack on the underlying operating system and elevate privileges to root. Th...

6CVSS5.5AI score0.00499EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2026/04/21 12:0 a.m.5 views

The command-line interface of the Cisco Identity Services Engine (ISE) management platform, as well as the Cisco ISE Passive Identity Connector (ISE-PIC) virtual authentication data collection device, are vulnerable. This vulnerability allows attackers to escalate their privileges.

The vulnerability of the command-line interface of the Cisco Identity Services Engine ISE management platform and the Cisco ISE Passive Identity Connector ISE-PIC virtual authentication data collection device is related to improper encoding or filtering of output data. Exploiting this vulnerabili...

6.2CVSS5.9AI score0.00499EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/04/17 12:0 a.m.5 views

The vulnerability in the web interface of the Cisco Identity Services Engine (ISE) and the Cisco ISE Passive Identity Connector (ISE-PIC), a virtual device for collecting user authentication data, allows a perpetrator to execute arbitrary code.

The vulnerability of the Cisco Identity Services Engine ISE web interface and the Cisco ISE Passive Identity Connector ISE-PIC virtual authentication data collection device is related to the lack of measures taken at the management level for data cleansing. Exploiting this vulnerability could all...

9.9CVSS6.5AI score0.11679EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/04/17 12:0 a.m.4 views

The vulnerability in the web interface of the Cisco Identity Services Engine (ISE) and the Cisco ISE Passive Identity Connector (ISE-PIC), a virtual device for collecting user authentication data, allows a perpetrator to execute arbitrary code.

The vulnerability of the Cisco Identity Services Engine ISE web interface and the Cisco ISE Passive Identity Connector ISE-PIC virtual authentication data collection device is related to an incorrect restriction on the path name to the restricted access directory. Exploiting this vulnerability...

6.8CVSS6.3AI score0.06919EPSS
Exploits0References2Affected Software2
EUVD
EUVD
added 2026/04/15 6:31 p.m.5 views

EUVD-2026-22960

A vulnerability in the CLI of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, local attacker with administrative privileges to perform a command injection attack on the underlying operating system and elevate privileges to root. Th...

6CVSS5.8AI score0.00499EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/15 4:11 p.m.4 views

CVE-2026-20136

A vulnerability in the CLI of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, local attacker with administrative privileges to perform a command injection attack on the underlying operating system and elevate privileges to root. Th...

6CVSS5.8AI score0.00499EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/04/15 4:11 p.m.24 views

CVE-2026-20136 Cisco Identity Services Engine Authenticated Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, local attacker with administrative privileges to perform a command injection attack on the underlying operating system and elevate privileges to root. Th...

6CVSS0.00499EPSS
Exploits0References1
Cisco
Cisco
added 2026/04/15 4:0 p.m.16 views

Cisco Identity Services Engine Remote Code Execution and Path Traversal Vulnerabilities

Multiple vulnerabilities in Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, remote attacker to achieve remote code execution or conduct path traversal attacks on an affected device. To exploit these vulnerabilities, the attacker mu...

9.9CVSS6.4AI score0.11679EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/15 12:0 a.m.13 views

PT-2026-33086

Name of the Vulnerable Software and Affected Versions Cisco Identity Services Engine ISE affected versions not specified Cisco ISE Passive Identity Connector ISE-PIC affected versions not specified Description Insufficient validation of user supplied input in the CLI allows an authenticated local...

6.2CVSS6.3AI score0.00499EPSS
Exploits0References5
VulnCheck KEV
VulnCheck KEV
added 2026/02/24 12:0 a.m.8 views

VulnCheck KEV: CVE-2026-20029

A vulnerability in the licensing features of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, remote attacker with administrative privileges to gain access to sensitive information. This vulnerability is due to improper parsing of X...

4.9CVSS6AI score0.05638EPSS
In wildExploits0References2
BDU FSTEC
BDU FSTEC
added 2026/02/13 12:0 a.m.4 views

The vulnerability in the web interface of the Cisco Identity Services Engine (ISE) and the Cisco ISE Passive Identity Connector (ISE-PIC), a virtual device for collecting user authentication data, allows attackers to carry out XSS attacks.

The vulnerability of the Cisco Identity Services Engine ISE web interface and the Cisco ISE Passive Identity Connector ISE-PIC virtual authentication data collection device is related to the failure to implement measures to neutralize HTML tags. Exploiting this vulnerability allows a malicious...

5.5CVSS5.9AI score0.00238EPSS
Exploits0References2
NVD
NVD
added 2026/01/15 5:16 p.m.8 views

CVE-2026-20047

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to...

4.8CVSS0.00238EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/15 4:32 p.m.6 views

EUVD-2026-2741

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to...

4.8CVSS5.7AI score0.00238EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/01/15 4:32 p.m.22 views

CVE-2026-20047 Cisco Identity Services Engine Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to...

4.8CVSS0.00238EPSS
Exploits0References1
Cisco
Cisco
added 2026/01/15 4:0 p.m.11 views

Cisco Identity Services Engine Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to...

4.8CVSS6.2AI score0.00238EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/15 12:0 a.m.6 views

Cisco Identity Services Engine and Cisco ISE Passive Identity Connector security vulnerabilities

Cisco Identity Services Engine Cisco ISE and Cisco ISE Passive Identity Connector are both products of the American company Cisco. Cisco Identity Services Engine is an Identity Services Engine ISE platform. This platform collects real-time information from networks, users, and devices, and develo...

4.8CVSS5.7AI score0.00238EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2026/01/14 12:0 a.m.7 views

The vulnerability of the Cisco Identity Services Engine (ISE) policy management platform and the Cisco ISE Passive Identity Connector (ISE-PIC) virtual authentication data collection device lies in the improper limitation on XML links to external objects. This allows attackers to load arbitrary files.

The vulnerability of the Cisco Identity Services Engine ISE policy management platform and the Cisco ISE Passive Identity Connector ISE-PIC virtual authentication data collection device is related to an incorrect limitation on XML references to external objects. Exploiting this vulnerability coul...

6.8CVSS6.3AI score0.05638EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/01/09 12:0 a.m.2 views

The vulnerability in the web interface of the Cisco Identity Services Engine (ISE) and the Cisco ISE Passive Identity Connector (ISE-PIC), a virtual device for collecting user authentication data, allows attackers to carry out XSS attacks.

The vulnerability of the Cisco Identity Services Engine ISE web interface and the Cisco ISE Passive Identity Connector ISE-PIC virtual authentication data collection device is related to the lack of security measures for the web page structure. Exploiting this vulnerability allows a malicious act...

5.5CVSS5.9AI score0.03521EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/01/09 12:0 a.m.5 views

The vulnerability in the web interface of the Cisco Identity Services Engine (ISE) and the Cisco ISE Passive Identity Connector (ISE-PIC), a virtual device for collecting user authentication data, allows attackers to carry out XSS attacks.

The vulnerability of the Cisco Identity Services Engine ISE web interface and the Cisco ISE Passive Identity Connector ISE-PIC virtual authentication data collection device is related to the lack of security measures for the web page structure. Exploiting this vulnerability allows a malicious act...

5.5CVSS5.9AI score0.00193EPSS
Exploits0References3Affected Software2
Rows per page
Query Builder