The Portuguese version of this Article can be found at: Vulnerabilidade que afeta o Cisco ISE (CVE-2025-20286) .
 |
For an offline or printed copy of this document, simply choose ⋮ Options > Printer Friendly Page. You may then Print > Print to PDF or Copy & Paste to any other document format you like. |
Introduction
Please be aware of the following CVE (Common Vulnerabilities and Exposures) of CVSS (Common Vulnerability Scoring System) Critical :
CVE-2025-20286 of June 04, 2025
described in:
CVE-2025-20286 Cisco Identity Services Engine on Cloud Platforms Static Credential Vulnerability
CSCwn63400 ISE on Cloud Deployments Static Credential.
Summary
A vulnerability in Amazon Web Services (AWS), Microsoft Azure, and Oracle Cloud Infrastructure (OCI) Cloud Deployments of Cisco ISE could allow an unauthenticated, remote attacker to access sensitive data, execute limited administrative operations, modify system configurations, or disrupt services within the impacted systems.
Note: if the PPAN is deployed in the Cloud, then Cisco ISE is affected by this vulnerability. If the PPAN is On-Premises, then it is not affected.
Workaround
There is no Workaround that will solve this vulnerability !!!
Affected Products & Fixed Software
The vulnerability affects Cisco ISE in the following versions:
To access the version of Cisco ISE that fixes this CVE:
