Cisco Identity Services Engine — known CVE vulnerabilities
Every CVE whose affected-product data names Cisco Identity Services Engine, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVE-2011-3290 — CVSS 10.0 (critical): Cisco Identity Services Engine (ISE) before 1.0.4.MR2 has default Oracle database credentials, which allows remote attackers to modify…
CVE-2025-20282 — CVSS 10.0 (critical): A vulnerability in an internal API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to upload arbitrary files…
CVE-2025-20286 — CVSS 9.9 (critical): A vulnerability in Amazon Web Services (AWS), Microsoft Azure, and Oracle Cloud Infrastructure (OCI) cloud deployments of Cisco Identity…
CVE-2026-20186 — CVSS 9.9 (critical): A vulnerability in Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary commands on the…
CVE-2025-20124 — CVSS 9.9 (critical): A vulnerability in an API of Cisco ISE could allow an authenticated, remote attacker to execute arbitrary commands as the root user on an…
CVE-2017-6747 — CVSS 9.8 (critical): A vulnerability in the authentication module of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to…
CVE-2026-20181 — CVSS 9.1 (critical): A vulnerability in Cisco ISE and ISE-PIC could allow an authenticated, remote attacker to execute arbitrary commands on the underlying…
CVE-2025-20125 — CVSS 9.1 (critical): A vulnerability in an API of Cisco ISE could allow an authenticated, remote attacker with valid read-only credentials to obtain sensitive…
CVE-2018-0213 — CVSS 8.8 (high): A vulnerability in the credential reset functionality for Cisco Identity Services Engine (ISE) could allow an authenticated, remote…
CVE-2023-20175 — CVSS 8.8 (high): A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection attacks on…
CVE-2022-20961 — CVSS 8.8 (high): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote…
CVE-2022-20756 — CVSS 8.6 (high): A vulnerability in the RADIUS feature of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause the…
CVE-2025-20152 — CVSS 8.6 (high): A vulnerability in the RADIUS message processing feature of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote…
CVE-2023-20243 — CVSS 8.6 (high): A vulnerability in the RADIUS message processing feature of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote…
CVE-2018-0277 — CVSS 8.6 (high): A vulnerability in the Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) certificate validation during EAP…
CVE-2025-20343 — CVSS 8.6 (high): A vulnerability in the RADIUS setting Reject RADIUS requests from clients with repeated failures on Cisco Identity Services Engine (ISE)…
CVE-2017-12261 — CVSS 7.8 (high): A vulnerability in the restricted shell of the Cisco Identity Services Engine (ISE) that is accessible via SSH could allow an…
CVE-2020-3467 — CVSS 7.7 (high): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker…
CVE-2026-20190 — CVSS 7.5 (high): A vulnerability in Cisco ISE and ISE-PIC could allow an unauthenticated, remote attacker to view sensitive information on an affected…
CVE-2019-1718 — CVSS 7.5 (high): A vulnerability in the web interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to trigger…
CVE-2021-1594 — CVSS 7.5 (high): A vulnerability in the REST API of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to perform a…
CVE-2016-9198 — CVSS 7.5 (high): A vulnerability in the Active Directory integration component of Cisco Identity Services Engine (ISE) could allow an unauthenticated…
CVE-2017-6653 — CVSS 7.5 (high): A vulnerability in the TCP throttling process for the GUI of the Cisco Identity Services Engine (ISE) 2.1(0.474) could allow an…
CVE-2016-6453 — CVSS 7.3 (high): A vulnerability in the web framework code of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute…
CVE-2022-20822 — CVSS 7.1 (high): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker…
CVE-2022-20956 — CVSS 7.1 (high): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker…
CVE-2013-3420 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in the web framework on the Cisco Identity Services Engine (ISE) allows remote attackers to…
CVE-2013-5540 — CVSS 6.8 (medium): The file-upload feature in Cisco Identity Services Engine (ISE) allows remote authenticated users to cause a denial of service (disk…
CVE-2012-3908 — CVSS 6.8 (medium): Multiple cross-site request forgery (CSRF) vulnerabilities in the ISE Administrator user interface (aka the Apache Tomcat interface) on…
CVE-2019-1851 — CVSS 6.8 (medium): A vulnerability in the External RESTful Services (ERS) API of the Cisco Identity Services Engine (ISE) could allow an authenticated, remote…
CVE-2018-0221 — CVSS 6.7 (medium): A vulnerability in specific CLI commands for the Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to…
CVE-2023-20272 — CVSS 6.7 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to…
CVE-2020-27122 — CVSS 6.7 (medium): A vulnerability in the Microsoft Active Directory integration of Cisco Identity Services Engine (ISE) could allow an authenticated, local…
CVE-2018-0275 — CVSS 6.7 (medium): A vulnerability in the support tunnel feature of Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to…
CVE-2019-1736 — CVSS 6.6 (medium): A vulnerability in the firmware of the Cisco UCS C-Series Rack Servers could allow an authenticated, physical attacker to bypass Unified…
CVE-2021-1416 — CVSS 6.5 (medium): Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to…
CVE-2024-20486 — CVSS 6.5 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote…
CVE-2024-20515 — CVSS 6.5 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker…
CVE-2024-20417 — CVSS 6.5 (medium): Multiple vulnerabilities in the REST API of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct…
CVE-2024-20368 — CVSS 6.5 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote…
CVE-2024-20537 — CVSS 6.5 (medium): A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to bypass the…
CVE-2018-0187 — CVSS 6.5 (medium): A vulnerability in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain…
CVE-2024-20466 — CVSS 6.5 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker…
CVE-2018-15459 — CVSS 6.5 (medium): A vulnerability in the administrative web interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker…
CVE-2019-15255 — CVSS 6.5 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker…
CVE-2023-20164 — CVSS 6.5 (medium): Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform command injection attacks…
CVE-2023-20163 — CVSS 6.5 (medium): Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform command injection attacks…
CVE-2023-20111 — CVSS 6.5 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker…
CVE-2021-1412 — CVSS 6.5 (medium): Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to…
CVE-2025-20284 — CVSS 6.5 (medium): A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary code on…
CVE-2025-20283 — CVSS 6.5 (medium): A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary code on…
CVE-2022-20782 — CVSS 6.5 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker…
CVE-2022-20819 — CVSS 6.5 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker…
CVE-2021-34706 — CVSS 6.4 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker…
CVE-2025-20264 — CVSS 6.4 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker…
CVE-2022-20964 — CVSS 6.3 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to…
CVE-2018-0215 — CVSS 6.3 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote…
CVE-2017-6701 — CVSS 6.1 (medium): A vulnerability in the web application interface of the Cisco Identity Services Engine (ISE) portal could allow an unauthenticated, remote…
CVE-2018-0212 — CVSS 6.1 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote…
CVE-2018-0091 — CVSS 6.1 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote…
CVE-2017-6733 — CVSS 6.1 (medium): A vulnerability in the web-based application interface of the Cisco Identity Services Engine (ISE) portal could allow an unauthenticated…
CVE-2021-34738 — CVSS 6.1 (medium): Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an attacker to…
CVE-2024-20538 — CVSS 6.1 (medium): A vulnerability in the web-based management interface of Cisco ISE could allow an unauthenticated, remote attacker to conduct an XSS attack…
CVE-2019-1941 — CVSS 6.1 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote…
CVE-2020-3156 — CVSS 6.1 (medium): A vulnerability in the logging component of Cisco Identity Services Engine could allow an unauthenticated remote attacker to conduct…
CVE-2021-40121 — CVSS 6.1 (medium): Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an attacker to…
CVE-2024-20525 — CVSS 6.1 (medium): A vulnerability in the web-based management interface of Cisco ISE could allow an unauthenticated, remote attacker to conduct an XSS attack…
CVE-2024-20530 — CVSS 6.1 (medium): A vulnerability in the web-based management interface of Cisco ISE could allow an unauthenticated, remote attacker to conduct an XSS attack…
CVE-2019-1719 — CVSS 6.1 (medium): A vulnerability in the web-based guest portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to…
CVE-2023-20085 — CVSS 6.1 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote…
CVE-2019-12644 — CVSS 6.1 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an unauthenticated…
CVE-2020-3551 — CVSS 6.1 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote…
CVE-2019-12631 — CVSS 6.1 (medium): A vulnerability in the web-based guest portal of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to…
CVE-2022-20959 — CVSS 6.1 (medium): A vulnerability in the External RESTful Services (ERS) API of Cisco Identity Services Engine (ISE) Software could allow an authenticated…
CVE-2018-15455 — CVSS 6.1 (medium): A vulnerability in the logging component of Cisco Identity Services Engine could allow an unauthenticated, remote attacker to conduct…
CVE-2026-20136 — CVSS 6.0 (medium): A vulnerability in the CLI of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an…
CVE-2024-20469 — CVSS 6.0 (medium): A vulnerability in specific CLI commands in Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to perform…
CVE-2013-5539 — CVSS 6.0 (medium): The upload-dialog implementation in Cisco Identity Services Engine (ISE) allows remote authenticated users to upload files with an…
CVE-2023-20021 — CVSS 6.0 (medium): Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local attacker to…
CVE-2023-20022 — CVSS 6.0 (medium): Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local attacker to…
CVE-2023-20023 — CVSS 6.0 (medium): Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local attacker to…
CVE-2023-20030 — CVSS 6.0 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker…
CVE-2023-20121 — CVSS 6.0 (medium): Multiple vulnerabilities in the restricted shell of Cisco Evolved Programmable Network Manager (EPNM), Cisco Identity Services Engine…
CVE-2023-20122 — CVSS 6.0 (medium): Multiple vulnerabilities in the restricted shell of Cisco Evolved Programmable Network Manager (EPNM), Cisco Identity Services Engine…
CVE-2023-20152 — CVSS 6.0 (medium): Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local attacker to…
CVE-2023-20153 — CVSS 6.0 (medium): Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local attacker to…
CVE-2023-20166 — CVSS 6.0 (medium): Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform path traversal attacks on…
CVE-2023-20167 — CVSS 6.0 (medium): Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform path traversal attacks on…
CVE-2023-20170 — CVSS 6.0 (medium): A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection attacks on…
CVE-2023-20193 — CVSS 6.0 (medium): A vulnerability in the Embedded Service Router (ESR) of Cisco ISE could allow an authenticated, local attacker to read, write, or delete…
CVE-2020-3353 — CVSS 5.9 (medium): A vulnerability in the syslog processing engine of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to…
CVE-2024-20531 — CVSS 5.5 (medium): A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read arbitrary files on the underlying operating…
CVE-2024-20332 — CVSS 5.5 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker…
CVE-2024-20527 — CVSS 5.5 (medium): A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read and delete arbitrary files on an affected…
CVE-2024-20532 — CVSS 5.5 (medium): A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read and delete arbitrary files on an affected…
CVE-2024-20529 — CVSS 5.5 (medium): A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read and delete arbitrary files on an affected…
CVE-2025-20303 — CVSS 5.4 (medium): Multiple vulnerabilities in the web-based management interface of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker…
CVE-2022-20966 — CVSS 5.4 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to…
CVE-2019-12637 — CVSS 5.4 (medium): Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote…
CVE-2017-6605 — CVSS 5.4 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker…
CVE-2018-0216 — CVSS 5.4 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote…
CVE-2020-3157 — CVSS 5.4 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker…
CVE-2025-20304 — CVSS 5.4 (medium): Multiple vulnerabilities in the web-based management interface of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker…
CVE-2023-20106 — CVSS 5.4 (medium): Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to delete or read arbitrary files on…
CVE-2019-1673 — CVSS 5.4 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker…
CVE-2017-6734 — CVSS 5.4 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote…
CVE-2019-12638 — CVSS 5.4 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker…
CVE-2022-20963 — CVSS 5.4 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker…
CVE-2024-20443 — CVSS 5.4 (medium): A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to conduct an XSS attack…
CVE-2023-20171 — CVSS 5.4 (medium): Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to delete or read arbitrary files on…
CVE-2023-20172 — CVSS 5.4 (medium): Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to delete or read arbitrary files on…
CVE-2018-0214 — CVSS 5.3 (medium): A vulnerability in certain CLI commands of Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to execute…
CVE-2022-20733 — CVSS 5.3 (medium): A vulnerability in the login page of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to log in without…
CVE-2026-20195 — CVSS 5.3 (medium): A vulnerability in an identity management API endpoint of Cisco ISE could allow an unauthenticated, remote attacker to enumerate valid user…
CVE-2022-20937 — CVSS 5.3 (medium): A vulnerability in a feature that monitors RADIUS requests on Cisco Identity Services Engine (ISE) Software could allow an unauthenticated…
CVE-2013-3445 — CVSS 5.0 (medium): The firewall subsystem in Cisco Identity Services Engine has an incorrect rule for open ports, which allows remote attackers to cause a…
CVE-2013-5538 — CVSS 5.0 (medium): The Sponsor Portal in Cisco Identity Services Engine (ISE) uses weak permissions for uploaded files, which allows remote attackers to read…
CVE-2023-20174 — CVSS 4.9 (medium): Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote…
CVE-2023-20087 — CVSS 4.9 (medium): Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote…
CVE-2023-20173 — CVSS 4.9 (medium): Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote…
CVE-2023-20077 — CVSS 4.9 (medium): Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote…
CVE-2025-20130 — CVSS 4.9 (medium): A vulnerability in the API of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an…
CVE-2023-20194 — CVSS 4.9 (medium): A vulnerability in the ERS API of Cisco ISE could allow an authenticated, remote attacker to read arbitrary files on the underlying…
CVE-2022-20914 — CVSS 4.9 (medium): A vulnerability in the External RESTful Services (ERS) API of Cisco Identity Services Engine (ISE) Software could allow an authenticated…
CVE-2025-20267 — CVSS 4.8 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker…
CVE-2020-26083 — CVSS 4.8 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker…
CVE-2020-3149 — CVSS 4.8 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote…
CVE-2020-3340 — CVSS 4.8 (medium): Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote…
CVE-2020-3589 — CVSS 4.8 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote…
CVE-2021-1603 — CVSS 4.8 (medium): Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote…
CVE-2021-1604 — CVSS 4.8 (medium): Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote…
CVE-2021-1605 — CVSS 4.8 (medium): Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote…
CVE-2021-1606 — CVSS 4.8 (medium): Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote…
CVE-2021-1607 — CVSS 4.8 (medium): Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote…
CVE-2021-34759 — CVSS 4.8 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote…
CVE-2022-20967 — CVSS 4.8 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to…
CVE-2023-20208 — CVSS 4.8 (medium): A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to conduct an XSS attack…
CVE-2024-20251 — CVSS 4.8 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker…
CVE-2024-20479 — CVSS 4.8 (medium): A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to conduct an XSS attack…
CVE-2024-20539 — CVSS 4.8 (medium): A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to conduct a stored XSS…
CVE-2025-20204 — CVSS 4.8 (medium): Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote…
CVE-2025-20205 — CVSS 4.8 (medium): Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote…
CVE-2025-20289 — CVSS 4.8 (medium): Multiple vulnerabilities in the web-based management interface of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker…
CVE-2026-20047 — CVSS 4.8 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector…
CVE-2026-20076 — CVSS 4.8 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker…
CVE-2026-20132 — CVSS 4.8 (medium): Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote…
CVE-2023-20196 — CVSS 4.7 (medium): Two vulnerabilities in Cisco ISE could allow an authenticated, remote attacker to upload arbitrary files to an affected device. To exploit…
CVE-2023-20195 — CVSS 4.7 (medium): Two vulnerabilities in Cisco ISE could allow an authenticated, remote attacker to upload arbitrary files to an affected device. To exploit…
CVE-2018-15425 — CVSS 4.7 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker…
CVE-2018-15424 — CVSS 4.7 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker…
CVE-2024-20296 — CVSS 4.7 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker…
CVE-2021-1306 — CVSS 4.4 (medium): A vulnerability in the restricted shell of Cisco Evolved Programmable Network (EPN) Manager, Cisco Identity Services Engine (ISE), and…
CVE-2018-0211 — CVSS 4.4 (medium): A vulnerability in specific CLI commands for the Cisco Identity Services Engine could allow an authenticated, local attacker to cause a…
CVE-2018-15456 — CVSS 4.3 (medium): A vulnerability in the Admin Portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to view saved…
CVE-2014-0680 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the HTTP control interface in the NAC Web Agent component in Cisco Identity Services Engine…
CVE-2026-20193 — CVSS 4.3 (medium): A vulnerability in the RADIUS Policy API endpoints of Cisco ISE could allow an authenticated, remote attacker with read-only…
CVE-2025-20305 — CVSS 4.3 (medium): A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to obtain sensitive…
CVE-2022-20965 — CVSS 4.3 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine could allow an authenticated, remote attacker to…
CVE-2021-40123 — CVSS 4.3 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker…
CVE-2021-34702 — CVSS 4.3 (medium): A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker…
CVE-2020-3525 — CVSS 4.3 (medium): A vulnerability in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to recover…
CVE-2023-20213 — CVSS 4.3 (medium): A vulnerability in the CDP processing feature of Cisco ISE could allow an unauthenticated, adjacent attacker to cause a denial of service…
CVE-2019-1942 — CVSS 4.3 (medium): A vulnerability in the sponsor portal web interface for Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker…
CVE-2024-20487 — CVSS 4.3 (medium): A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to conduct a stored XSS…
CVE-2024-20476 — CVSS 4.3 (medium): A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to bypass the…
CVE-2025-20285 — CVSS 4.1 (medium): A vulnerability in the IP Access Restriction feature of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to bypass…
CVE-2022-20962 — CVSS 3.8 (low): A vulnerability in the Localdisk Management feature of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker…
CVE-2024-20528 — CVSS 3.8 (low): A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to upload files to arbitrary locations on the…
CVE-2013-5541 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in the file-upload interface in Cisco Identity Services Engine (ISE) allows remote authenticated…