Cisco ISE ERS InternalUser command injection

Added: 07/17/2025

Background

Cisco Identity Services Engine (ISE) is a centralized user access control system that provides network access policy for end users, whether they connect through a wired or wireless network or by VPN.

Problem

A vulnerability in the Cisco ISE ERS API could allow remote, unauthenticated attackers to inject arbitrary commands in a request to the InternalUser resource.

Resolution

Apply Cisco ISE 3.3 Patch 7 or Cisco ISE 3.4 Patch 2 or higher.

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-unauth-rce-ZAd2GnJ6

Platforms

Linux
