CNNVD-202601-1192 Information
CNNVD ID
CNNVD-202601-1192
Related CVE
- CNNVD Published: 2026-01-07
Description (Chinese)
Cisco Identity Services Engine(Cisco ISE)和Cisco ISE Passive Identity Connector都是美国思科(Cisco)公司的产品。Cisco Identity Services Engine是一款环境感知平台(ISE身份服务引擎)。该平台通过收集网络、用户和设备中的实时信息,制定并实施相应策略来监管网络。Cisco ISE Passive Identity Connector是一个身份服务引擎被动身份连接器。 Cisco Identity Services Engine(Cisco ISE)和Cisco ISE Passive Identity Connector存在代码问题漏洞,该漏洞源于基于Web的管理界面解析XML不当,可能导致读取任意文件。
Description (English)
Cisco Industries Engineering and Cisco ISE Passive Identity Contractor are all Cisco products. Cisco Identity Services Engineering is an environmental awareness platform (ISE identity service engine). The platform regulates networks by collecting real-time information from networks, users and equipment and developing and implementing strategies. Cisco ISSE Passive Identity Contractor is a passive identity connector for the identity service engine. Cisco Infrastructure Services Engineering and Cisco ISE Pacific Contact had a code gap, which stemmed from the inappropriate analysis of XML, based on the Web-based management interface, which could lead to the reading of any file.
Hazard Level
High
Vulnerability Type
代码问题
Affected Vendor
思科
Published
2026-01-07
Last Modified
2026-02-24