exploitDog

CVE-2025-20130

Published: 04 Jun 2025
Source: nvd
CVSS3: 4.9
CVSS3: 7.2
EPSS: Low

Description

A vulnerability in the API of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker with administrative privileges to upload files to an affected device.

This vulnerability is due to improper validation of the file copy function. An attacker could exploit this vulnerability by sending a crafted file upload request to a specific API endpoint. A successful exploit could allow the attacker to upload arbitrary files to an affected system.

Vulnerable configurations

Configuration 1

One of

cpe:2.3:a:cisco:identity_services_engine:*:*:*:*:*:*:*:*
Versions before 3.1.0 (exclusive)
cpe:2.3:a:cisco:identity_services_engine:3.1.0:-:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.1.0:patch1:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.1.0:patch2:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.1.0:patch3:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.1.0:patch4:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.1.0:patch5:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.1.0:patch6:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.1.0:patch7:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.1.0:patch8:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.1.0:patch9:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.2.0:-:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch1:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch2:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch3:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch4:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch5:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch6:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.3.0:-:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch1:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch2:*:*:*:*:*:*
Configuration 2

One of

cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:*:*:*:*:*:*:*:*
Versions before 3.1.0 (exclusive)
cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:-:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:patch1:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:patch2:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:patch3:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:patch4:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:patch5:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:patch6:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:patch7:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:patch8:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:patch9:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.2.0:-:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.2.0:patch1:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.2.0:patch2:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.2.0:patch3:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.2.0:patch4:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.2.0:patch5:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.2.0:patch6:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:-:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch1:*:*:*:*:*:*
cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch2:*:*:*:*:*:*

EPSS

Percentile: 13%
0.00044
Low

4.9 Medium

CVSS3

7.2 High

CVSS3

Weaknesses

CWE-284
CWE-434

Related vulnerabilities

CVSS3: 4.9
github
8 months ago

A vulnerability in the API of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker with administrative privileges to upload files to an affected device. This vulnerability is due to improper validation of the file copy function. An attacker could exploit this vulnerability by sending a crafted file upload request to a specific API endpoint. A successful exploit could allow the attacker to upload arbitrary files to an affected system.

CVSS3: 4.9
fstec
8 months ago

A vulnerability in the API component of the Cisco Identity Services Engine (ISE) connection policy management platform and Cisco ISE Passive Identity Connector (ISE-PIC) that allows an attacker to upload arbitrary files
