CNNVD-202507-2259 Information

CNNVD ID

CNNVD-202507-2259

Related CVE

CVE-2025-20283

• CNNVD Published: 2025-07-16

Description (Chinese)

Cisco ISE和Cisco ISE-PIC都是美国思科（Cisco）公司的产品。Cisco ISE是一个 NAC 解决方案。用于管理零信任架构中的端点、用户和设备对网络资源的访问。Cisco ISE-PIC是一个组件。 Cisco ISE和Cisco ISE-PIC存在注入漏洞，该漏洞源于API输入验证不足，可能导致执行任意代码。

Description (English)

Cisco ISE and Cisco ISE-PIC are all Cisco products. Cisco ISE is a NAC solution. To manage endpoints, users and equipment access to network resources in the zero confidence architecture. Cisco ISE-PIC is a component. Cisco ISE and Cisco ISE-PIC had an injection loophole, which stemmed from insufficient API input validation and could lead to the implementation of any code.

Hazard Level

High

Vulnerability Type

注入

Affected Vendor

思科

Published

2025-07-16

Last Modified

2026-02-24

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-3VpsXOxO

Patch

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-3VpsXOxO