https://community.cisco.com/t5/network-access-control/cisco-ise-3-4-patch-6/m-p/5546647#M600284 <P class="lia-align-justify">Hi&nbsp;<a href="https://community.cisco.com/t5/user/viewprofilepage/user-id/2067197">@millsbenjamin66</a>&nbsp;,</P> <P class="lia-align-justify">&nbsp;please take a look at <A href="https://community.cisco.com/t5/security-knowledge-base/ise-cve-release-3-x/ta-p/5319594" target="_blank" rel="noopener">ISE - CVE: release 3.x</A>.</P> <P class="lia-align-justify">&nbsp;</P> <P class="lia-align-justify">Hope this helps !</P> <P class="lia-align-justify">&nbsp;</P> Sun, 19 Apr 2026 23:00:25 GMT Marcelo Morais 2026-04-19T23:00:25Z https://community.cisco.com/t5/network-access-control/cisco-ise-3-4-patch-6/m-p/5546291#M600272 <P>Trying to upgrade to ISE to patch the newly published CVEs. Apparently the recommended approach from Cisco is to patch immediately. How am I supposed to do this if the patch isn’t available to download?</P><P><SPAN>• </SPAN><SPAN>CVE-2026-20147</SPAN><SPAN> - 'Improper Neutralization of Special Elements used in a Command' vulnerability - CVSS v3.1 Base Score: 9.9</SPAN></P><P><SPAN>• </SPAN><SPAN>CVE-2026-20148</SPAN><SPAN> - 'Improper Limitation of a Pathname to a Restricted Directory' vulnerability - CVSS v3.1 Base Score: 4.9</SPAN></P><P><SPAN>• </SPAN><SPAN>CVE-2026-20186 </SPAN><SPAN>- 'Improper Neutralization of Special Elements used in a Command' vulnerability - CVSS v3.1 Base Score: 9.9</SPAN></P><P><SPAN>• </SPAN><SPAN>CVE-2026-20180</SPAN><SPAN> - 'Improper Limitation of a Pathname to a Restricted Directory' vulnerability - CVSS v3.1 Base Score: 9.9</SPAN></P> Fri, 17 Apr 2026 18:58:33 GMT https://community.cisco.com/t5/network-access-control/cisco-ise-3-4-patch-6/m-p/5546291#M600272 millsbenjamin66 2026-04-17T18:58:33Z https://community.cisco.com/t5/network-access-control/cisco-ise-3-4-patch-6/m-p/5546295#M600274 <P>Cisco says it will be available sometime in April, we need to wait.</P> Fri, 17 Apr 2026 19:16:01 GMT https://community.cisco.com/t5/network-access-control/cisco-ise-3-4-patch-6/m-p/5546295#M600274 aleabrahao 2026-04-17T19:16:01Z https://community.cisco.com/t5/network-access-control/cisco-ise-3-4-patch-6/m-p/5546302#M600276 <P>They really need to make that much more clearer. I couldn’t even get that answer from TAC</P> Fri, 17 Apr 2026 19:25:44 GMT https://community.cisco.com/t5/network-access-control/cisco-ise-3-4-patch-6/m-p/5546302#M600276 millsbenjamin66 2026-04-17T19:25:44Z https://community.cisco.com/t5/network-access-control/cisco-ise-3-4-patch-6/m-p/5546306#M600277 <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="aleabrahao_0-1776454311932.png" style="width: 400px;"><img src="https://community.cisco.com/t5/image/serverpage/image-id/280718i1ED73F1FEDC168E8/image-size/medium?v=v2&amp;px=400" role="button" title="aleabrahao_0-1776454311932.png" alt="aleabrahao_0-1776454311932.png" /></span></P><P>&nbsp;</P> Fri, 17 Apr 2026 19:32:02 GMT https://community.cisco.com/t5/network-access-control/cisco-ise-3-4-patch-6/m-p/5546306#M600277 aleabrahao 2026-04-17T19:32:02Z https://community.cisco.com/t5/network-access-control/cisco-ise-3-4-patch-6/m-p/5546312#M600278 <P>I’m sorry but in no way is that clear. We are in April 2026 and 3.3 Patch 11 is available to there is huge inconsistency.</P> Fri, 17 Apr 2026 20:02:27 GMT https://community.cisco.com/t5/network-access-control/cisco-ise-3-4-patch-6/m-p/5546312#M600278 millsbenjamin66 2026-04-17T20:02:27Z https://community.cisco.com/t5/network-access-control/cisco-ise-3-4-patch-6/m-p/5546316#M600279 <P>April isn't over yet, as far as I remember, so we have to wait.</P> Fri, 17 Apr 2026 20:13:05 GMT https://community.cisco.com/t5/network-access-control/cisco-ise-3-4-patch-6/m-p/5546316#M600279 aleabrahao 2026-04-17T20:13:05Z https://community.cisco.com/t5/network-access-control/cisco-ise-3-4-patch-6/m-p/5546347#M600280 <P>We, as a Cisco partner was briefed about this... Don't you use a Cisco partner you could ask? Anyway, in the field notice about public TLS certs, there is the following paragraph, so they should arrive soon:</P><P>Upgrade Cisco ISE system software to a patch release that introduces updated certificate handling for certificates issued under the new CA policies. The following patches will be released starting mid-April 2026:&nbsp;</P><P>Cisco ISE Release Patch</P><TABLE><TBODY><TR><TD>3.1</TD><TD>Patch 11</TD></TR><TR><TD>3.2</TD><TD>Patch 10</TD></TR><TR><TD>3.3</TD><TD>Patch 11</TD></TR><TR><TD>3.4</TD><TD>Patch 6</TD></TR><TR><TD>3.5</TD><TD>Patch 3</TD></TR></TBODY></TABLE><P>&nbsp;</P> Sat, 18 Apr 2026 06:20:31 GMT https://community.cisco.com/t5/network-access-control/cisco-ise-3-4-patch-6/m-p/5546347#M600280 beepmeep 2026-04-18T06:20:31Z https://community.cisco.com/t5/network-access-control/cisco-ise-3-4-patch-6/m-p/5546647#M600284 <P class="lia-align-justify">Hi&nbsp;<a href="https://community.cisco.com/t5/user/viewprofilepage/user-id/2067197">@millsbenjamin66</a>&nbsp;,</P> <P class="lia-align-justify">&nbsp;please take a look at <A href="https://community.cisco.com/t5/security-knowledge-base/ise-cve-release-3-x/ta-p/5319594" target="_blank" rel="noopener">ISE - CVE: release 3.x</A>.</P> <P class="lia-align-justify">&nbsp;</P> <P class="lia-align-justify">Hope this helps !</P> <P class="lia-align-justify">&nbsp;</P> Sun, 19 Apr 2026 23:00:25 GMT https://community.cisco.com/t5/network-access-control/cisco-ise-3-4-patch-6/m-p/5546647#M600284 Marcelo Morais 2026-04-19T23:00:25Z