Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/02/07 5:21 p.m.13 views

CVE-2025-20125

A vulnerability in an API of Cisco ISE could allow an authenticated, remote attacker with valid read-only credentials to obtain sensitive information, change node configurations, and restart the node. This vulnerability is due to a lack of authorization in a specific API and improper validation o...

9.1CVSS6.7AI score0.14982EPSS
Exploits2References1
The Hacker News
The Hacker News
added 2025/02/06 7:40 a.m.44 views

Cisco Patches Critical ISE Vulnerabilities Enabling Root CmdExec and PrivEsc

Cisco has released updates to address two critical security flaws Identity Services Engine ISE that could allow remote attackers to execute arbitrary commands and elevate privileges on susceptible devices. The vulnerabilities are listed below - CVE-2025-20124 CVSS score: 9.9 - An insecure Java...

9.9CVSS8.7AI score0.17218EPSS
Exploits5
NVD
NVD
added 2025/02/05 5:15 p.m.21 views

CVE-2025-20125

A vulnerability in an API of Cisco ISE could allow an authenticated, remote attacker with valid read-only credentials to obtain sensitive information, change node configurations, and restart the node. This vulnerability is due to a lack of authorization in a specific API and improper validation o...

9.1CVSS0.14982EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2025/02/05 4:12 p.m.17 views

CVE-2025-20125 Cisco Identity Services Engine Insufficient Authorization Bypass Vulnerability

A vulnerability in an API of Cisco ISE could allow an authenticated, remote attacker with valid read-only credentials to obtain sensitive information, change node configurations, and restart the node. This vulnerability is due to a lack of authorization in a specific API and improper validation o...

9.1CVSS6.7AI score0.14982EPSS
Exploits2References1
Cvelist
Cvelist
added 2025/02/05 4:12 p.m.27 views

CVE-2025-20125 Cisco Identity Services Engine Insufficient Authorization Bypass Vulnerability

A vulnerability in an API of Cisco ISE could allow an authenticated, remote attacker with valid read-only credentials to obtain sensitive information, change node configurations, and restart the node. This vulnerability is due to a lack of authorization in a specific API and improper validation o...

9.1CVSS0.14982EPSS
Exploits2References1
Rows per page
Query Builder