Improper authorization in Cisco Identity Services Engine (ISE) - CVE-2025-20264
Published: June 25, 2025
Vulnerability identifier: #VU111941
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2025-20264
CWE-ID: CWE-285
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Cisco Systems, Inc
Affected software:
Cisco Identity Services Engine (ISE)
Cisco Identity Services Engine (ISE)
Detailed vulnerability description
The vulnerability allows a remote user to escalate privileges on the system.
The vulnerability exists due to insufficient authorization enforcement mechanisms for users created by SAML SSO integration with an external identity provider in the web-based management interface. A remote authenticated user can bypass the authorization mechanisms for specific administrative functions.
How to mitigate CVE-2025-20264
Install updates from vendor's website.