CNNVD-202506-3166 Information

CNNVD ID

CNNVD-202506-3166

Related CVE

CVE-2025-20264

• CNNVD Published: 2025-06-25

Description (Chinese)

Cisco Identity Services Engine（Cisco ISE）是美国思科（Cisco）公司的一款环境感知平台（ISE身份服务引擎）。该平台通过收集网络、用户和设备中的实时信息，制定并实施相应策略来监管网络。 Cisco Identity Services Engine（Cisco ISE）存在授权问题漏洞，该漏洞源于授权机制不足，可能导致修改系统设置。

Description (English)

Cisco Information Services Engineering (Cisco ISE) is an environmental awareness platform for Cisco companies. The platform regulates networks by collecting real-time information from networks, users and equipment and developing and implementing strategies. There is a mandate gap in Cisco Service Services Engineering (Cisco ISE), which stems from inadequate delegation mechanisms and may lead to changes in system settings.

Hazard Level

High

Vulnerability Type

授权问题

Affected Vendor

思科

Published

2025-06-25

Last Modified

2026-02-24

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-auth-bypass-mVfKVQAU https://nvd.nist.gov/vuln/detail/CVE-2025-20264

Patch

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-auth-bypass-mVfKVQAU