Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-20305

A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to obtain sensitive information from an affected device. This vulnerability exists because certain files lack proper data protection mechanisms. An attacker with read-only Administrator privileges could exploit this vulnerability by performing actions where the results should only be viewable to a high-privileged user. A successful exploit could allow the attacker to view passwords that are normally not visible to read-only administrators.

Published

2025-11-05T17:15:37.170

Last Modified

2025-11-19T15:02:15.157

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 4.3 (MEDIUM)

Weaknesses
  • Type: Secondary
    CWE-1220
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application cisco identity_services_engine ≤ 3.1.0 Yes
Application cisco identity_services_engine 3.2.0 Yes
Application cisco identity_services_engine 3.2.0 Yes
Application cisco identity_services_engine 3.2.0 Yes
Application cisco identity_services_engine 3.2.0 Yes
Application cisco identity_services_engine 3.2.0 Yes
Application cisco identity_services_engine 3.2.0 Yes
Application cisco identity_services_engine 3.2.0 Yes
Application cisco identity_services_engine 3.2.0 Yes
Application cisco identity_services_engine 3.3.0 Yes
Application cisco identity_services_engine 3.3.0 Yes
Application cisco identity_services_engine 3.3.0 Yes
Application cisco identity_services_engine 3.3.0 Yes
Application cisco identity_services_engine 3.3.0 Yes
Application cisco identity_services_engine 3.3.0 Yes
Application cisco identity_services_engine 3.3.0 Yes
Application cisco identity_services_engine 3.3.0 Yes
Application cisco identity_services_engine 3.4.0 Yes
Application cisco identity_services_engine 3.4.0 Yes
Application cisco identity_services_engine 3.4.0 Yes
Application cisco identity_services_engine 3.4.0 Yes
References