Cisco Identity Services Engine vulnerabilities

CVE-2025-20204 [MEDIUM] CWE-79 CVE-2025-20204: A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected syst

CVE-2025-20205 [MEDIUM] CWE-79 CVE-2025-20205: A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected syst

CVE-2020-3525 [MEDIUM] CWE-200 CVE-2020-3525: A vulnerability in the Admin portal of Cisco Identity Services Engine (ISE) could allow an auth A vulnerability in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to recover service account passwords that are saved on an affected system. The vulnerability is due to the incorrect inclusion of saved passwords when loading configuration pages in the Admin portal. An attacker with read or write

CVE-2024-20528 [HIGH] CWE-22 CVE-2024-20528: A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to upload file A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to upload files to arbitrary locations on the underlying operating system of an affected device. To exploit this vulnerability, an attacker would need valid Super Admin credentials. This vulnerability is due to insufficient validation of user-supplied parameters in A

CVE-2024-20531 [MEDIUM] CWE-611 CVE-2024-20531: A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read arbitr A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read arbitrary files on the underlying operating system of an affected device and conduct a server-side request forgery (SSRF) attack through an affected device. To exploit this vulnerability, the attacker would need valid Super Admin credentials. This vulnerab

CVE-2024-20487 [MEDIUM] CWE-79 CVE-2024-20487: A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, rem A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to conduct a stored XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulner

CVE-2024-20525 [MEDIUM] CWE-79 CVE-2024-20525: A vulnerability in the web-based management interface of Cisco ISE could allow an unauthenticated, r A vulnerability in the web-based management interface of Cisco ISE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a

CVE-2024-20538 [MEDIUM] CWE-79 CVE-2024-20538: A vulnerability in the web-based management interface of Cisco ISE could allow an unauthenticated, r A vulnerability in the web-based management interface of Cisco ISE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability exists because the web-based management interface does not sufficiently validate user-supplied input. An attacker could exploit this vulnerability by persuadin

CVE-2024-20537 [MEDIUM] CWE-863 CVE-2024-20537: A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, rem A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to bypass the authorization mechanisms for specific administrative functions. This vulnerability is due to a lack of server-side validation of Administrator permissions. An attacker could exploit this vulnerability by submitting a crafte

CVE-2024-20539 [MEDIUM] CWE-79 CVE-2024-20539: A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, rem A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to conduct a stored XSS attack against a user of the interface. This vulnerability exists because the web-based management interface does not sufficiently validate user-supplied input. An attacker could exploit this vulnerability by injec

CVE-2024-20529 [MEDIUM] CWE-22 CVE-2024-20529: A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read and de A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read and delete arbitrary files on an affected device. To exploit this vulnerability, the attacker would need valid Super Admin credentials. This vulnerability is due to insufficient validation of user-supplied parameters in API requests. An attacker could explo

CVE-2024-20476 [MEDIUM] CWE-602 CVE-2024-20476: A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, rem A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to bypass the authorization mechanisms for specific file management functions. This vulnerability is due to lack of server-side validation of Administrator permissions. An attacker could exploit this vulnerability by submitting a crafted

CVE-2024-20532 [MEDIUM] CWE-22 CVE-2024-20532: A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read and de A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read and delete arbitrary files on an affected device. To exploit this vulnerability, the attacker would need valid Super Admin credentials. This vulnerability is due to insufficient validation of user-supplied parameters in API requests. An attacker could explo

CVE-2024-20527 [MEDIUM] CWE-22 CVE-2024-20527: A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read and de A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read and delete arbitrary files on an affected device. To exploit this vulnerability, the attacker would need valid Super Admin credentials. This vulnerability is due to insufficient validation of user-supplied parameters in API requests. An attacker could explo

CVE-2024-20530 [MEDIUM] CWE-79 CVE-2024-20530: A vulnerability in the web-based management interface of Cisco ISE could allow an unauthenticated, r A vulnerability in the web-based management interface of Cisco ISE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a

CVE-2024-20515 [MEDIUM] CWE-311 CVE-2024-20515: A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information from an affected device. This vulnerability is due to a lack of proper data protection mechanisms for certain configuration settings. An attacker with Read-Only Administrator priv

CVE-2024-20469 [MEDIUM] CWE-78 CVE-2024-20469: A vulnerability in specific CLI commands in Cisco Identity Services Engine (ISE) could allow an auth A vulnerability in specific CLI commands in Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, the attacker must have valid Administrator privileges on an affected device. This vulnerab

CVE-2024-20486 [HIGH] CWE-352 CVE-2024-20486: A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. This vulnerability is due to insufficient CSRF protections for the web-based management interface of an

CVE-2024-20417 [HIGH] CWE-89 CVE-2024-20417: Multiple vulnerabilities in the REST API of Cisco Identity Services Engine (ISE) could allow an auth Multiple vulnerabilities in the REST API of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct blind SQL injection attacks. These vulnerabilities are due to insufficient validation of user-supplied input in REST API calls. An attacker could exploit these vulnerabilities by sending crafted input to an affected

CVE-2024-20466 [MEDIUM] CWE-266 CVE-2024-20466: A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information from an affected device. This vulnerability is due to improper enforcement of administrative privilege levels for high-value sensitive data. An attacker with read-only Administrat