CNNVD-202506-3182 Information

Jun 25, 2025 cve

CNNVD ID

CNNVD-202506-3182

CVE-2025-20282

CNNVD Published: 2025-06-25

Description (Chinese)

Cisco ISE和Cisco ISE-PIC都是美国思科（Cisco）公司的产品。Cisco ISE是一个 NAC 解决方案。用于管理零信任架构中的端点、用户和设备对网络资源的访问。Cisco ISE-PIC是一个组件。 Cisco ISE和Cisco ISE-PIC存在安全漏洞，该漏洞源于文件验证不足，可能导致上传和执行任意文件。

Description (English)

Cisco ISE and Cisco ISE-PIC are all Cisco products. Cisco ISE is a NAC solution. To manage endpoints, users and equipment access to network resources in the zero confidence architecture. Cisco ISE-PIC is a component. There is a security gap between Cisco ISE and Cisco ISE-PIC, which stems from insufficient document validation and may lead to the uploading and execution of arbitrary documents.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

思科

Published

2025-06-25

Last Modified

2026-02-24

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-unauth-rce-ZAd2GnJ6 https://nvd.nist.gov/vuln/detail/CVE-2025-20282

Patch

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-unauth-rce-ZAd2GnJ6

Share on: