CVE-2026-20195 | THREATINT

Description

A vulnerability in an identity management API endpoint of Cisco ISE could allow an unauthenticated, remote attacker to enumerate valid user accounts on an affected device. This vulnerability exists because error messages are observed when the affected API endpoint is called. An attacker could exploit this vulnerability by sending a series of crafted requests to the affected endpoint and analyzing the differentiated responses. A successful exploit could allow the attacker to compile a list of valid usernames on an affected system.

PUBLISHED Reserved 2025-10-08 | Published 2026-05-06 | Updated 2026-05-06 | Assigner cisco

MEDIUM: 5.3CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Problem types

Observable Response Discrepancy

Product status

Default status

unknown

3.3.0

affected

3.3 Patch 2

affected

3.3 Patch 1

affected

3.3 Patch 3

affected

3.4.0

affected

3.3 Patch 4

affected

3.4 Patch 1

affected

3.3 Patch 5

affected

3.3 Patch 6

affected

3.4 Patch 2

affected

3.3 Patch 7

affected

3.4 Patch 3

affected

3.5.0

affected

3.4 Patch 4

affected

3.3 Patch 8

affected

3.5 Patch 1

affected

3.3 Patch 9

affected

3.4 Patch 5

affected

3.5 Patch 3

affected

3.5 Patch 2

affected

3.3 Patch 10

affected

References

sec.cloudapps.cisco.com/...sco-sa-ise-unauth-bypass-uxjRXGpb (cisco-sa-ise-unauth-bypass-uxjRXGpb)

cve.org (CVE-2026-20195)

nvd.nist.gov (CVE-2026-20195)

Download JSON