CVE Catalog

CVE-2026-20190

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.37%

29th percentile — higher than 29% of all known CVEs

Summary

A vulnerability in Cisco ISE and ISE-PIC could allow an unauthenticated, remote attacker to view sensitive information on an affected device. This issue is due to improper authorization checks when accessing resources.

Risk Assessment

An attacker could gain access to sensitive information, including hashed credentials that could be used in future attacks, posing a significant threat to the organization's security.

Recommendation

It is recommended to update Cisco ISE and ISE-PIC to the latest version to patch this vulnerability and implement additional security measures to protect sensitive data.

Original NVD description (English source)

A vulnerability in Cisco ISE and ISE-PIC could allow an unauthenticated, remote attacker to view sensitive information on an affected device. This vulnerability is due to improper authorization checks when a resource is accessed. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain access to sensitive information, including hashed credentials that could be used in future attacks.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS