CNNVD-202511-404 Information
CNNVD ID
CNNVD-202511-404
Related CVE
- CNNVD Published: 2025-11-05
Description (Chinese)
Cisco Identity Services Engine(Cisco ISE)是美国思科(Cisco)公司的一款环境感知平台(ISE身份服务引擎)。该平台通过收集网络、用户和设备中的实时信息,制定并实施相应策略来监管网络。 Cisco Identity Services Engine(Cisco ISE)存在安全漏洞,该漏洞源于文件缺少适当的数据保护机制,可能导致具有只读管理员权限的攻击者查看高权限用户密码。
Description (English)
Cisco Information Services Engineering (Cisco ISE) is an environmental awareness platform for Cisco companies. The platform regulates networks by collecting real-time information from networks, users and equipment and developing and implementing strategies. There is a security loophole in Cisco Service Services Engineering (Cisco ISE), which stems from the lack of appropriate data protection mechanisms for the document, which may lead the assailant with read-only administrator access to high-permit user passwords.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
思科
Published
2025-11-05
Last Modified
2026-02-24
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multiple-vulns-O9BESWJH https://access.redhat.com/security/cve/cve-2025-20305