Identity Services Engine Security Vulnerabilities and Issues — Identity Services Engine CVE List

Lucene search

CiscoIdentity Services Engine

4 matches found

CVE•added 2025/06/25 4:15 p.m.•109 views

CVE-2025-20281

A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system as root. The attacker does not require any valid credentials to exploit this vulnerability. This vulnerability is due to insu...

10CVSS8.1AI score0.00484EPSS

CVE•added 2025/06/25 5:15 p.m.•46 views

CVE-2025-20282

A vulnerability in an internal API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device and then execute those files on the underlying operating system as root. This vulnerability is due a lack of file validation checks that ...

10CVSS8.2AI score0.00148EPSS

CVE•added 2025/06/04 5:15 p.m.•43 views

CVE-2025-20130

A vulnerability in the API of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker with administrative privileges to upload files to an affected device. This vulnerability is due to improper validation of the file copy...

7.2CVSS7.1AI score0.00053EPSS

CVE•added 2025/06/25 4:15 p.m.•8 views

CVE-2025-20264

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to bypass the authorization mechanisms for specific administrative functions. This vulnerability is due to insufficient authorization enforcement mechanisms fo...

6.4CVSS7.2AI score0.00069EPSS