Cisco Identity Services Engine Software vulnerabilities

CVE-2026-20147 [CRITICAL] CWE-77 CVE-2026-20147: A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to exec A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to insufficient validation of user-supplied input. An

CVE-2026-20180 [CRITICAL] CWE-22 CVE-2026-20180: A vulnerability in Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacke A vulnerability in Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have at least Read Only Admin credentials. This vulnerability is due to insufficient validation of user-suppli

CVE-2026-20186 [CRITICAL] CWE-77 CVE-2026-20186: A vulnerability in Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacke A vulnerability in Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have at least Read Only Admin credentials. This vulnerability is due to insufficient validation of user-suppli

CVE-2026-20132 [MEDIUM] CWE-79 CVE-2026-20132: Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (IS Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative write privileges to conduct a stored cross-site scripting (XSS) attack or a reflected XSS attack against a user of the web-based management interface of an affected device. These vul

CVE-2026-20148 [MEDIUM] CWE-22 CVE-2026-20148: A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to perf A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to perform path traversal attacks on the underlying operating system and read arbitrary files. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to improper validation of user-supplied input. An

CVE-2026-20136 [MEDIUM] CWE-116 CVE-2026-20136: A vulnerability in the CLI of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identi A vulnerability in the CLI of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, local attacker with administrative privileges to perform a command injection attack on the underlying operating system and elevate privileges to root. This vulnerability is due to insufficient validatio

CVE-2026-20047 [MEDIUM] CWE-80 CVE-2026-20047: A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) and Ci A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by th

CVE-2026-20076 [MEDIUM] CWE-79 CVE-2026-20076: A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affec

CVE-2026-20029 [MEDIUM] CWE-611 CVE-2026-20029: A vulnerability in the licensing features of Cisco Identity Services Engine (ISE) and Cisco ISE A vulnerability in the licensing features of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker with administrative privileges to gain access to sensitive information. This vulnerability is due to improper parsing of XML that is processed by the web-based management

CVE-2025-20343 [HIGH] CWE-697 CVE-2025-20343: A vulnerability in the RADIUS setting Reject RADIUS requests from clients with repeated failures on A vulnerability in the RADIUS setting Reject RADIUS requests from clients with repeated failures on Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause Cisco ISE to restart unexpectedly. This vulnerability is due to a logic error when processing a RADIUS access request for a MAC address that is already a rejec

CVE-2025-20289 [MEDIUM] CWE-79 CVE-2025-20289: Multiple vulnerabilities in the web-based management interface of Cisco ISE and Cisco ISE-PIC could Multiple vulnerabilities in the web-based management interface of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to conduct a reflected XSS attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An at

CVE-2025-20303 [MEDIUM] CWE-79 CVE-2025-20303: Multiple vulnerabilities in the web-based management interface of Cisco ISE and Cisco ISE-PIC could Multiple vulnerabilities in the web-based management interface of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to conduct a reflected XSS attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An at

CVE-2025-20305 [MEDIUM] CWE-1220 CVE-2025-20305: A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, rem A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to obtain sensitive information from an affected device. This vulnerability exists because certain files lack proper data protection mechanisms. An attacker with read-only Administrator privileges could exploit this vulnerability by perf

CVE-2025-20304 [MEDIUM] CWE-79 CVE-2025-20304: Multiple vulnerabilities in the web-based management interface of Cisco ISE and Cisco ISE-PIC could Multiple vulnerabilities in the web-based management interface of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to conduct a reflected XSS attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An at

CVE-2025-20131 [MEDIUM] CWE-284 CVE-2025-20131: A vulnerability in the GUI of Cisco Identity Services Engine (ISE) could allow an authenticated, rem A vulnerability in the GUI of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative privileges to upload files to an affected device. This vulnerability is due to improper validation of the file copy function. An attacker could exploit this vulnerability by sending a crafted file upload using the Cis

CVE-2025-20332 [MEDIUM] CWE-863 CVE-2025-20332: A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, rem A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to modify parts of the configuration on an affected device. This vulnerability is due to the lack of server-side validation of Administrator permissions. An attacker could exploit this vulnerability by submitting a crafted HTTP request t

CVE-2025-20331 [MEDIUM] CWE-80 CVE-2025-20331: A vulnerability in the web-based management interface of Cisco ISE and Cisco ISE-PIC could allow an A vulnerability in the web-based management interface of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to conduct a stored XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could ex

CVE-2025-20337 [CRITICAL] CWE-74 CVE-2025-20337: A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, rem A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system as root. The attacker does not require any valid credentials to exploit this vulnerability. This vulnerability is due to insufficient validation of user-supplied input. An att

CVE-2025-20284 [HIGH] CWE-74 CVE-2025-20284: A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remot A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system as root. This vulnerability is due to insufficient validation of user-supplied input. An attacker with valid credentials could exploit this vulnerability by submitting a crafted API

CVE-2025-20283 [HIGH] CWE-74 CVE-2025-20283: A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remot A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system as root. This vulnerability is due to insufficient validation of user-supplied input. An attacker with valid credentials could exploit this vulnerability by submitting a crafted API