Cisco

Identity Services Engine Software

87 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2026-20193

Medienbericht
  • EPSS 0.03%
  • Veröffentlicht 06.05.2026 16:15:16
  • Zuletzt bearbeitet 06.05.2026 18:59:53

A vulnerability in the RADIUS Policy API endpoints of Cisco ISE could allow an authenticated, remote attacker with read-only Administrator privileges to gain unauthorized access to sensitive information on an affected device. This vulnerabili...

5.3

CVE-2026-20195

Medienbericht
  • EPSS 0.04%
  • Veröffentlicht 06.05.2026 16:14:54
  • Zuletzt bearbeitet 06.05.2026 18:59:53

A vulnerability in an identity management API endpoint of Cisco ISE could allow an unauthenticated, remote attacker to enumerate valid user accounts on an affected device. This vulnerability exists because error messages are observed when the affe...

6

CVE-2026-20136

Medienbericht
  • EPSS 0.06%
  • Veröffentlicht 15.04.2026 16:11:29
  • Zuletzt bearbeitet 17.04.2026 15:09:46

A vulnerability in the CLI of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, local attacker with administrative privileges to perform a command injection attack on the underl...

9.9

CVE-2026-20180

Medienbericht
  • EPSS 0.26%
  • Veröffentlicht 15.04.2026 16:03:51
  • Zuletzt bearbeitet 17.04.2026 15:09:46

A vulnerability in Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have at lea...

9.9

CVE-2026-20186

Medienbericht
  • EPSS 0.28%
  • Veröffentlicht 15.04.2026 16:03:35
  • Zuletzt bearbeitet 17.04.2026 15:09:46

A vulnerability in Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have at lea...

4.9

CVE-2026-20148

Medienbericht
  • EPSS 0.06%
  • Veröffentlicht 15.04.2026 16:03:31
  • Zuletzt bearbeitet 17.04.2026 15:09:46

A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to perform path traversal attacks on the underlying operating system and read arbitrary files. To exploit this vulnerability, the attacker must have valid ad...

9.9

CVE-2026-20147

Medienbericht
  • EPSS 0.28%
  • Veröffentlicht 15.04.2026 16:03:25
  • Zuletzt bearbeitet 17.04.2026 15:09:46

A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid administr...

4.8

CVE-2026-20132

Medienbericht
  • EPSS 0.04%
  • Veröffentlicht 15.04.2026 16:03:14
  • Zuletzt bearbeitet 17.04.2026 15:09:46

Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative write privileges to conduct a stored cross-site scripting (XSS) attack or a ...

4.8

CVE-2026-20047

  • EPSS 0.01%
  • Veröffentlicht 15.01.2026 16:32:15
  • Zuletzt bearbeitet 30.01.2026 19:58:27

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a use...

4.8

CVE-2026-20076

  • EPSS 0.01%
  • Veröffentlicht 15.01.2026 16:32:03
  • Zuletzt bearbeitet 30.01.2026 19:53:59

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability i...