An API of Cisco ISE, which Cisco didn’t confirm to be the same as the one affected by CVE-2025-20124, could allow attackers with the same admin credentials to obtain sensitive information, ...

Cisco has released patches to address three vulnerabilities with public exploit code in its Identity Services Engine (ISE) and Customer Collaboration Platform (CCP) solutions.

Cisco has fixed two critical Identity Services Engine (ISE) vulnerabilities that can let attackers with read-only admin privileges bypass authorization and run commands as root.

In the Cisco Identity Services Engine (ISE), authenticated attackers can also launch remote cross-site scripting attacks against users of the web-based management interface (CVE-2024-20443, CVSS 5 ...