CVE-2025-20305 | Cisco Identity Services Engine Software up to 3.4.0 Web-based Management Interface insufficient granularity of access control (cisco-sa-ise-multiple-vulns-O9BESWJH)

Inserito da Angelo Barbosa | Nov 5, 2025 | CVE

A vulnerability was found in Cisco Identity Services Engine Software. It has been rated as problematic. This affects an unknown part of the component Web-based Management Interface. The manipulation leads to insufficient granularity of access control.

This vulnerability is traded as CVE-2025-20305. It is possible to initiate the attack remotely. There is no exploit available.

Upgrading the affected component is advised.

CVE-2025-20305 | Cisco Identity Services Engine Software up to 3.4.0 Web-based Management Interface insufficient granularity of access control (cisco-sa-ise-multiple-vulns-O9BESWJH)

Post correlati

CVE-2024-3443 | SourceCodester Prison Management System 1.0 apply_leave.php txtstart_date/txtend_date cross site scripting

CVE-2024-42367 | aio-libs aiohttp up to 3.10.1 symlink (GHSA-jwhx-xcg6-8xhj)

CVE-2024-6444 | zephyrproject-rtos Zephyr up to 3.6 ots_client.c olcp_ind_handler heap-based overflow

CVE-2024-6760 | FreeBSD ktrace information disclosure