CVE-2026-20190
Cisco Identity Services Engine Information Disclosure Vulnerability
CVSS Score
7.5
EPSS Score
0.0%
EPSS Percentile
0th
A vulnerability in Cisco ISE and ISE-PIC could allow an unauthenticated, remote attacker to view sensitive information on an affected device. This vulnerability is due to improper authorization checks when a resource is accessed. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain access to sensitive information, including hashed credentials that could be used in future attacks.
| CWE | CWE-285 |
| Vendor | cisco |
| Product | cisco identity services engine software |
| Ecosystems | |
| Industries | NetworkingTelecommunications |
| Published | Jun 17, 2026 |
| Last Updated | Jun 17, 2026 |
Stay Ahead of the Next One
Get instant alerts for cisco cisco identity services engine software
Be the first to know when new high vulnerabilities affecting cisco cisco identity services engine software are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Affected Versions
Cisco / Cisco Identity Services Engine Software
3.4.0 3.4 Patch 1 3.4 Patch 2 3.4 Patch 3 3.5.0 3.4 Patch 4 3.5 Patch 1 3.4 Patch 5 3.5 Patch 2
Cisco / Cisco ISE Passive Identity Connector
3.4.0