CNNVD-202507-2260 Information
Jul 16, 2025
cve
CNNVD ID
CNNVD-202507-2260
Related CVE
- CNNVD Published: 2025-07-16
Description (Chinese)
Cisco ISE和Cisco ISE-PIC都是美国思科(Cisco)公司的产品。Cisco ISE是一个 NAC 解决方案。用于管理零信任架构中的端点、用户和设备对网络资源的访问。Cisco ISE-PIC是一个组件。 Cisco ISE和Cisco ISE-PIC存在注入漏洞,该漏洞源于用户输入验证不足,可能导致远程攻击者以root权限执行任意代码。
Description (English)
Cisco ISE and Cisco ISE-PIC are all Cisco products. Cisco ISE is a NAC solution. To manage endpoints, users and equipment access to network resources in the zero confidence architecture. Cisco ISE-PIC is a component. Cisco ISE and Cisco ISE-PIC had an injection loophole, which stemmed from a lack of user input validation, which could lead to remote assailants implementing random codes with root privileges.
Hazard Level
High
Vulnerability Type
注入
Affected Vendor
思科
Published
2025-07-16
Last Modified
2026-02-24