15 matches found
CVE-2026-20193
A vulnerability in the RADIUS Policy API endpoints of Cisco ISE could allow an authenticated, remote attacker with read-only Administrator privileges to gain unauthorized access to sensitive information on an affected device. This vulnerability is due to improper role-based access control RBAC...
EUVD-2026-27862
A vulnerability in the RADIUS Policy API endpoints of Cisco ISE could allow an authenticated, remote attacker with read-only Administrator privileges to gain unauthorized access to sensitive information on an affected device. This vulnerability is due to improper role-based access control RBAC...
CVE-2026-20193
Cisco Identity Services Engine (ISE) is affected by CVE-2026-20193 due to improper RBAC on the RADIUS Policy API endpoints. An authenticated, remote attacker with read-only Administrator privileges could bypass the web UI and call an affected endpoint to gain unauthorized read access to sensitive...
CVE-2026-20193 Cisco Identity Services Engine Authentication Bypass Vulnerability
A vulnerability in the RADIUS Policy API endpoints of Cisco ISE could allow an authenticated, remote attacker with read-only Administrator privileges to gain unauthorized access to sensitive information on an affected device. This vulnerability is due to improper role-based access control RBAC...
CVE-2026-20193
A vulnerability in the RADIUS Policy API endpoints of Cisco ISE could allow an authenticated, remote attacker with read-only Administrator privileges to gain unauthorized access to sensitive information on an affected device. This vulnerability is due to improper role-based access control RBAC...
Cisco ISE 安全漏洞
Cisco ISE is a NAC solution developed by the American company Cisco. It is used to manage access to network resources for endpoints, users, and devices in a zero-trust architecture. Cisco ISE has a security vulnerability that stems from improper role-based access control permissions on the RADIUS...
Cisco Identity Services Engine Multiple Vulnerabilities (cisco-sa-ise-unauth-bypass-uxjRXGpb)
According to its self-reported version, Cisco ISE is affected by multiple vulnerabilities. - A vulnerability in an identity management API endpoint of Cisco ISE could allow an unauthenticated, remote attacker to enumerate valid user accounts on an affected device. This vulnerability exists becaus...
CVE-2026-5512 Improper authorization vulnerability in GitHub Enterprise Server allowed disclosure of private repository names via mobile upload policy API
An improper authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated attacker to determine the names of private repositories by their numeric ID. The mobile upload policy API endpoint did not perform an early authorization check, and validation error...
SUSE CVE-2026-22039
Kyverno is a policy engine designed for cloud native platform engineering teams. Versions prior to 1.16.3 and 1.15.3 have a critical authorization boundary bypass in namespaced Kyverno Policy apiCall. The resolved urlPath is executed using the Kyverno admission controller ServiceAccount, with no...
CVE-2026-22039
Kyverno is a policy engine designed for cloud native platform engineering teams. Versions prior to 1.16.3 and 1.15.3 have a critical authorization boundary bypass in namespaced Kyverno Policy apiCall. The resolved urlPath is executed using the Kyverno admission controller ServiceAccount, with no...
Kyverno Cross-Namespace Privilege Escalation via Policy apiCall
Summary A critical authorization boundary bypass in namespaced Kyverno Policy apiCall. The resolved urlPath is executed using the Kyverno admission controller ServiceAccount, with no enforcement that the request is limited to the policy’s namespace. As a result, any authenticated user with...
CVE-2026-22039
Kyverno is a policy engine designed for cloud native platform engineering teams. Versions prior to 1.16.3 and 1.15.3 have a critical authorization boundary bypass in namespaced Kyverno Policy apiCall. The resolved urlPath is executed using the Kyverno admission controller ServiceAccount, with no...
CVE-2026-22039
Kyverno contains a cross-namespace privilege escalation in the Policy apiCall path for versions prior to 1.16.3 and 1.15.3. The vulnerability lets an authenticated user with permission to create a namespaced Policy cause Kyverno’s admission controller to perform Kubernetes API requests using Kyve...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization via the policy evaluation process when egress.toGroups.aws.securityGroupsIds references AWS security group IDs that do not exist or are not attached to any network interface. An attacker can gain broader outbound...
How to Add a Blueprint Target Using Execution Hooks From the Policy API
Purpose This article explains how to set resources other than namespaces as the hooks for blueprint subjects. By default, hooks sets the namespace as the target for the blueprint unless specified otherwise. Solution Veeam Kasten for Kubernetes supports kanister execution hooks through Policy API...