Cisco Cisco Ise Passive Identity Connector
6 CVEs affecting Cisco Cisco Ise Passive Identity Connector. Latest disclosed: 2026-04-15. Critical: 4, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-20337 | Critical | 10.0 | 2025-07-16 | A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying op… |
CVE-2026-20147 | Critical | 9.9 | 2026-04-15 | A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system o… |
CVE-2025-20124 | Critical | 9.9 | 2025-02-05 | A vulnerability in an API of Cisco ISE could allow an authenticated, remote attacker to execute arbitrary commands as the root user on an affected device. T… |
CVE-2025-20125 | Critical | 9.1 | 2025-02-05 | A vulnerability in an API of Cisco ISE could allow an authenticated, remote attacker with valid read-only credentials to obtain sensitive information, change n… |
CVE-2025-20331 | Medium | 5.4 | 2025-08-06 | A vulnerability in the web-based management interface of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to conduct a stored XSS atta… |
CVE-2026-20148 | Medium | 4.9 | 2026-04-15 | A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to perform path traversal attacks on the underlying operating syst… |