← Home
Cisco Identity Services Engine Remote Code Execution and Path Traversal Vulnerabilities
Source: cisco / cisco-sa-ise-rce-traversal-8bYndVrZ
— original advisory
Published: 2026-04-15
· Last updated: 2026-04-28
· Vendor severity: Critical
CVEs
| CVE | CVSS | CWE | Exploitation |
| CVE-2026-20147 |
9.9 |
CWE-22: Path Traversal |
Not observed in the wild |
| CVE-2026-20148 |
9.9 |
CWE-22: Path Traversal |
Not observed in the wild |
Affected Products
| Product | Affected versions | Fixed version |
| Cisco Identity Services Engine Software |
Not specified by vendor |
Not specified by vendor |
| Cisco ISE Passive Identity Connector |
Not specified by vendor |
Not specified by vendor |