#VU111941 Improper authorization in Cisco Identity Services Engine (ISE) - CVE-2025-20264
Published: June 25, 2025
Vulnerability identifier: #VU111941
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2025-20264
CWE-ID: CWE-285
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Cisco Identity Services Engine (ISE)
Cisco Identity Services Engine (ISE)
Software vendor:
Cisco Systems, Inc
Cisco Systems, Inc
Description
The vulnerability allows a remote user to escalate privileges on the system.
The vulnerability exists due to insufficient authorization enforcement mechanisms for users created by SAML SSO integration with an external identity provider in the web-based management interface. A remote authenticated user can bypass the authorization mechanisms for specific administrative functions.
Remediation
Install updates from vendor's website.