Lucene search
K

1688 matches found

Positive Technologies
Positive Technologies
added 2026/04/15 12:0 a.m.8 views

PT-2026-33085

Name of the Vulnerable Software and Affected Versions Cisco Identity Services Engine ISE affected versions not specified Description Multiple issues in the web-based management interface exist due to insufficient sanitization of user-supplied data stored in web pages. An authenticated remote...

5.5CVSS6AI score0.00173EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/15 12:0 a.m.14 views

Cisco Identity Services Engine 安全漏洞

Cisco Identity Services Engine is an identity services engine developed by Cisco, a US-based company. This platform collects real-time information from networks, users, and devices, and develops and implements policies to manage the network. There is a security vulnerability in Cisco Identity...

4.8CVSS5.8AI score0.00173EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/15 12:0 a.m.4 views

PT-2026-33088

A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to perform path traversal attacks on the underlying operating system and read arbitrary files. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is...

4.9CVSS6AI score0.06919EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/15 12:0 a.m.21 views

Cisco Identity Services Engine Multiple Vulnerabilities (cisco-sa-ise-rce-4fverepv)

According to its self-reported version, Cisco ISE is affected by multiple vulnerabilities. - A vulnerability in Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this...

9.9CVSS6.4AI score0.06381EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/04/15 12:0 a.m.14 views

Cisco Identity Services Engine Multiple Vulnerabilities (cisco-sa-ise-rce-traversal-8bYndVrZ)

According to its self-reported version, Cisco ISE is affected by multiple vulnerabilities. - A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this...

9.9CVSS6.2AI score0.11679EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/04/15 12:0 a.m.12 views

Cisco Identity Services Engine (cisco-sa-isexss-BS8ctE7U)

According to its self-reported version, Cisco ISE is affected by a vulnerability. - Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker with administrativewrite privileges to conduct a stored cross-site...

4.8CVSS5.7AI score0.00173EPSS
Exploits0References4
VulnCheck KEV
VulnCheck KEV
added 2026/02/24 12:0 a.m.8 views

VulnCheck KEV: CVE-2026-20029

A vulnerability in the licensing features of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, remote attacker with administrative privileges to gain access to sensitive information. This vulnerability is due to improper parsing of X...

4.9CVSS6AI score0.05638EPSS
In wildExploits0References2
BDU FSTEC
BDU FSTEC
added 2026/02/13 12:0 a.m.4 views

The vulnerability in the web interface of the Cisco Identity Services Engine (ISE) and the Cisco ISE Passive Identity Connector (ISE-PIC), a virtual device for collecting user authentication data, allows attackers to carry out XSS attacks.

The vulnerability of the Cisco Identity Services Engine ISE web interface and the Cisco ISE Passive Identity Connector ISE-PIC virtual authentication data collection device is related to the failure to implement measures to neutralize HTML tags. Exploiting this vulnerability allows a malicious...

5.5CVSS5.9AI score0.00238EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2026/01/20 12:0 a.m.6 views

VulnCheck KEV: CVE-2025-20282

A vulnerability in an internal API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device and then execute those files on the underlying operating system as root. This vulnerability is due a lack of file validation checks tha...

10CVSS6.2AI score0.09805EPSS
In wildExploits3References2
RedhatCVE
RedhatCVE
added 2026/01/16 5:26 p.m.7 views

CVE-2026-20076

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied inpu...

4.8CVSS6AI score0.00238EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/16 5:26 p.m.12 views

CVE-2026-20047

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to...

4.8CVSS6.1AI score0.00238EPSS
Exploits0References1
OSV
OSV
added 2026/01/15 5:16 p.m.4 views

CVE-2026-20076

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied inpu...

4.8CVSS6AI score0.00238EPSS
Exploits0References1
OSV
OSV
added 2026/01/15 5:16 p.m.5 views

CVE-2026-20047

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to...

4.8CVSS6AI score0.00238EPSS
Exploits0References1
NVD
NVD
added 2026/01/15 5:16 p.m.13 views

CVE-2026-20076

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied inpu...

4.8CVSS0.00238EPSS
Exploits0References1
NVD
NVD
added 2026/01/15 5:16 p.m.8 views

CVE-2026-20047

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to...

4.8CVSS0.00238EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/15 4:32 p.m.3 views

CVE-2026-20047 Cisco Identity Services Engine Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to...

4.8CVSS5.8AI score0.00238EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/15 4:32 p.m.22 views

CVE-2026-20047 Cisco Identity Services Engine Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to...

4.8CVSS0.00238EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/15 4:32 p.m.3 views

CVE-2026-20076

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied inpu...

4.8CVSS5.8AI score0.00238EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/01/15 4:32 p.m.8 views

EUVD-2026-2748

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied inpu...

4.8CVSS5.5AI score0.00238EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/01/15 4:32 p.m.23 views

CVE-2026-20076 Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied inpu...

4.8CVSS0.00238EPSS
Exploits0References1
Rows per page
Query Builder