CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-20190

A vulnerability in Cisco ISE and ISE-PIC could allow an unauthenticated, remote attacker to view sensitive information on an affected device. This vulnerability is due to improper authorization checks when a resource is accessed. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain access to sensitive information, including hashed credentials that could be used in future attacks.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 28.7%

CVSS Severity

CVSS v3 Score 7.5

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-G5WP8vv

Products affected by CVE-2026-20190

Cisco » Identity Services Engine » Version: 3.4.0

cpe:2.3:a:cisco:identity_services_engine:3.4.0
Cisco » Identity Services Engine » Version: 3.5.0

cpe:2.3:a:cisco:identity_services_engine:3.5.0
Cisco » Identity Services Engine Passive Identity Connector » Version: 3.4.0

cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.4.0
Cisco » Identity Services Engine Passive Identity Connector » Version: 3.5.0

cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.5.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-20190

Products

Pricing

Contact Us