CNNVD-202507-2258 Information

Jul 16, 2025 cve

CNNVD ID

CNNVD-202507-2258

CVE-2025-20285

CNNVD Published: 2025-07-16

Description (Chinese)

Cisco ISE和Cisco ISE-PIC都是美国思科（Cisco）公司的产品。Cisco ISE是一个 NAC 解决方案。用于管理零信任架构中的端点、用户和设备对网络资源的访问。Cisco ISE-PIC是一个组件。 Cisco ISE和Cisco ISE-PIC存在安全漏洞，该漏洞源于IP访问限制功能执行不当，可能导致远程攻击者绕过IP限制登录设备。

Description (English)

Cisco ISE and Cisco ISE-PIC are all Cisco products. Cisco ISE is a NAC solution. To manage endpoints, users and equipment access to network resources in the zero confidence architecture. Cisco ISE-PIC is a component. Cisco ISE and Cisco ISE-PIC had a security loophole, which stemmed from the improper implementation of IP access restrictions, which could result in remote attackers bypassing IP-restricted access devices.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

思科

Published

2025-07-16

Last Modified

2026-02-24

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-3VpsXOxO

Patch

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-3VpsXOxO

Share on: