FKIE_CVE-2025-20130

Vulnerability from fkie_nvd - Published: 2025-06-04 17:15 - Updated: 2025-07-22 15:47
Severity ?
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the API of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker with administrative privileges to upload files to an affected device. This vulnerability is due to improper validation of the file copy function. An attacker could exploit this vulnerability by sending a crafted file upload request to a specific API endpoint. A successful exploit could allow the attacker to upload arbitrary files to an affected system.
References
psirt@cisco.comhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-file-upload-P4M8vwXYVendor Advisory
Impacted products
Vendor Product Version
cisco identity_services_engine *
cisco identity_services_engine 3.1.0
cisco identity_services_engine 3.1.0
cisco identity_services_engine 3.1.0
cisco identity_services_engine 3.1.0
cisco identity_services_engine 3.1.0
cisco identity_services_engine 3.1.0
cisco identity_services_engine 3.1.0
cisco identity_services_engine 3.1.0
cisco identity_services_engine 3.1.0
cisco identity_services_engine 3.1.0
cisco identity_services_engine 3.2.0
cisco identity_services_engine 3.2.0
cisco identity_services_engine 3.2.0
cisco identity_services_engine 3.2.0
cisco identity_services_engine 3.2.0
cisco identity_services_engine 3.2.0
cisco identity_services_engine 3.2.0
cisco identity_services_engine 3.3.0
cisco identity_services_engine 3.3.0
cisco identity_services_engine 3.3.0
cisco identity_services_engine_passive_identity_connector *
cisco identity_services_engine_passive_identity_connector 3.1.0
cisco identity_services_engine_passive_identity_connector 3.1.0
cisco identity_services_engine_passive_identity_connector 3.1.0
cisco identity_services_engine_passive_identity_connector 3.1.0
cisco identity_services_engine_passive_identity_connector 3.1.0
cisco identity_services_engine_passive_identity_connector 3.1.0
cisco identity_services_engine_passive_identity_connector 3.1.0
cisco identity_services_engine_passive_identity_connector 3.1.0
cisco identity_services_engine_passive_identity_connector 3.1.0
cisco identity_services_engine_passive_identity_connector 3.1.0
cisco identity_services_engine_passive_identity_connector 3.2.0
cisco identity_services_engine_passive_identity_connector 3.2.0
cisco identity_services_engine_passive_identity_connector 3.2.0
cisco identity_services_engine_passive_identity_connector 3.2.0
cisco identity_services_engine_passive_identity_connector 3.2.0
cisco identity_services_engine_passive_identity_connector 3.2.0
cisco identity_services_engine_passive_identity_connector 3.2.0
cisco identity_services_engine_passive_identity_connector 3.3.0
cisco identity_services_engine_passive_identity_connector 3.3.0
cisco identity_services_engine_passive_identity_connector 3.3.0
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3283F4AC-CAD8-49B7-956E-05B1C1672A42",
              "versionEndExcluding": "3.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "7A789B44-7E6C-4FE9-BD40-702A871AB8AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1.0:patch1:*:*:*:*:*:*",
              "matchCriteriaId": "93920663-445E-4456-A905-81CEC6CA1833",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1.0:patch2:*:*:*:*:*:*",
              "matchCriteriaId": "33DA5BB8-4CFE-44BD-9CEB-BC26577E8477",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1.0:patch3:*:*:*:*:*:*",
              "matchCriteriaId": "D3AEFA85-66B5-4145-A4AD-96D1FF86B46D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1.0:patch4:*:*:*:*:*:*",
              "matchCriteriaId": "7A6A0697-6A9E-48EF-82D8-36C75E0CDFDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1.0:patch5:*:*:*:*:*:*",
              "matchCriteriaId": "E939B65A-7912-4C36-8799-03A1526D7BD3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1.0:patch6:*:*:*:*:*:*",
              "matchCriteriaId": "833B438F-0869-4C0D-9952-750C00702E8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1.0:patch7:*:*:*:*:*:*",
              "matchCriteriaId": "E8B2588D-01F9-450B-B2E3-ADC4125E354E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1.0:patch8:*:*:*:*:*:*",
              "matchCriteriaId": "E41016C0-19E6-4BCC-A8DD-F6C9A2B0003E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.1.0:patch9:*:*:*:*:*:*",
              "matchCriteriaId": "654E946A-07C5-4036-BC54-85EF42B808DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.2.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "7932D5D5-83E1-4BEF-845A-D0783D4BB750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch1:*:*:*:*:*:*",
              "matchCriteriaId": "1B818846-4A6E-4256-B344-281E8C786C43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch2:*:*:*:*:*:*",
              "matchCriteriaId": "A44858A2-922A-425A-8B38-0C47DB911A3C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch3:*:*:*:*:*:*",
              "matchCriteriaId": "53484A32-757B-42F8-B655-554C34222060",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch4:*:*:*:*:*:*",
              "matchCriteriaId": "0CCAC61F-C273-49B3-A631-31D3AE3EB148",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch5:*:*:*:*:*:*",
              "matchCriteriaId": "51AEFCE6-FB4A-4B1C-A23D-83CC3CF3FBBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch6:*:*:*:*:*:*",
              "matchCriteriaId": "B452B4F0-8510-475E-9AE8-B48FABB4D7D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.3.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "F1B9C2C1-59A4-49A0-9B74-83CCB063E55D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch1:*:*:*:*:*:*",
              "matchCriteriaId": "DFD29A0B-0D75-4EAB-BCE0-79450EC75DD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch2:*:*:*:*:*:*",
              "matchCriteriaId": "E6C94CC4-CC08-4DAF-A606-FDAFC92720A9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB8FD39E-819E-48CB-AD6C-2F9F6AEF600E",
              "versionEndExcluding": "3.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "006E0D77-534C-447F-8E97-EC0AB906D978",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:patch1:*:*:*:*:*:*",
              "matchCriteriaId": "AC07A742-D194-425C-945C-3977E96B61B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:patch2:*:*:*:*:*:*",
              "matchCriteriaId": "97787372-9A0D-4916-A7A2-19237B84419F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:patch3:*:*:*:*:*:*",
              "matchCriteriaId": "2E2D9D7C-A36E-489D-A2E1-ACE9E9C399BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:patch4:*:*:*:*:*:*",
              "matchCriteriaId": "3ABA57DA-78C9-489B-88E5-6E5275E53388",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:patch5:*:*:*:*:*:*",
              "matchCriteriaId": "2ABFB0CE-60CF-4969-A91E-186F457C8014",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:patch6:*:*:*:*:*:*",
              "matchCriteriaId": "B8CF7EF0-FBAA-47C7-8386-F67264CA8D0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:patch7:*:*:*:*:*:*",
              "matchCriteriaId": "5F08ACD7-2867-428A-966C-6509283FCA10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:patch8:*:*:*:*:*:*",
              "matchCriteriaId": "B365970F-9239-45F8-80C6-DA426FCA2E32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:patch9:*:*:*:*:*:*",
              "matchCriteriaId": "5A66142F-712F-4EFA-9FC4-E499D3015DD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.2.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "50D8B7DD-14A8-4C67-8B32-E1F9C7D9C01E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.2.0:patch1:*:*:*:*:*:*",
              "matchCriteriaId": "CB65DFF8-33D8-4840-8A63-7C4797FF0B51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.2.0:patch2:*:*:*:*:*:*",
              "matchCriteriaId": "890FDA62-DED9-401B-9D44-26F3624118CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.2.0:patch3:*:*:*:*:*:*",
              "matchCriteriaId": "604079BA-78F5-4D20-AF27-E7A9A899DA0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.2.0:patch4:*:*:*:*:*:*",
              "matchCriteriaId": "25344C6F-8EB6-4709-A51B-DCA26AA885E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.2.0:patch5:*:*:*:*:*:*",
              "matchCriteriaId": "51DE5AD0-5DFA-460D-B22D-0F5E367A9A28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.2.0:patch6:*:*:*:*:*:*",
              "matchCriteriaId": "683F2E87-9759-4A98-B7C9-489E74837D59",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "3CA3315D-8A45-43F4-A0F0-094D325F285B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch1:*:*:*:*:*:*",
              "matchCriteriaId": "B3736136-9FD8-4B12-B119-EA15201224D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch2:*:*:*:*:*:*",
              "matchCriteriaId": "654ED77E-22D3-4E76-9E6D-B1581F5982F0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the API of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker with administrative privileges to upload files to an affected device.\r\n\r\nThis vulnerability is due to improper validation of the file copy function. An attacker could exploit this vulnerability by sending a crafted file upload request to a specific API endpoint. A successful exploit could allow the attacker to upload arbitrary files to an affected system."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la API de Cisco Identity Services Engine (ISE) y Cisco ISE Passive Identity Connector (ISE-PIC) podr\u00eda permitir que un atacante remoto autenticado con privilegios administrativos cargue archivos a un dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n incorrecta de la funci\u00f3n de copia de archivos. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una solicitud de carga de archivos manipulada a un endpoint API espec\u00edfico. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante cargar archivos arbitrarios a un sistema afectado."
    }
  ],
  "id": "CVE-2025-20130",
  "lastModified": "2025-07-22T15:47:40.783",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 3.6,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-06-04T17:15:25.833",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-file-upload-P4M8vwXY"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-434"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.