VYPR

Cisco ISE

by Cisco Systems, Inc.

CVEs (7)

  • CVE-2025-20281CriKEVJun 25, 2025
    risk 0.85cvss 10.0epss 0.97

    A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system as root. The attacker does not require any valid credentials to exploit this vulnerability. This…

  • CVE-2025-20282CriJun 25, 2025
    risk 0.66cvss 10.0epss 0.10

    A vulnerability in an internal API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device and then execute those files on the underlying operating system as root. This vulnerability is due a lack of file…

  • CVE-2025-20125CriFeb 5, 2025
    risk 0.63cvss 9.1epss 0.14

    A vulnerability in an API of Cisco ISE could allow an authenticated, remote attacker with valid read-only credentials to obtain sensitive information, change node configurations, and restart the node. This vulnerability is due to a lack of authorization in a specific API and…

  • CVE-2023-20175HigNov 1, 2023
    risk 0.57cvss 8.8epss 0.01

    A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, an attacker must have valid Read-only-level…

  • CVE-2023-20170MedNov 1, 2023
    risk 0.39cvss 6.0epss 0.00

    A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, an attacker must have valid Administrator-level…

  • CVE-2023-20193MedSep 7, 2023
    risk 0.39cvss 6.0epss 0.00

    A vulnerability in the Embedded Service Router (ESR) of Cisco ISE could allow an authenticated, local attacker to read, write, or delete arbitrary files on the underlying operating system and escalate their privileges to root. To exploit this vulnerability, an attacker must have…

  • CVE-2023-20196MedNov 1, 2023
    risk 0.31cvss 4.7epss 0.01

    Two vulnerabilities in Cisco ISE could allow an authenticated, remote attacker to upload arbitrary files to an affected device. To exploit these vulnerabilities, an attacker must have valid Administrator credentials on the affected device. These vulnerabilities are due to…