Vulnerability Description
A vulnerability in an API of Cisco ISE could allow an authenticated, remote attacker with valid read-only credentials to obtain sensitive information, change node configurations, and restart the node. This vulnerability is due to a lack of authorization in a specific API and improper validation of user-supplied data. An attacker could exploit this vulnerability by sending a crafted HTTP request to a specific API on the device. A successful exploit could allow the attacker to attacker to obtain information, modify system configuration, and reload the device. Note: To successfully exploit this vulnerability, the attacker must have valid read-only administrative credentials. In a single-node deployment, new devices will not be able to authenticate during the reload time.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Identity Services Engine | < 3.1 |
Related Weaknesses (CWE)
References
FAQ
What is CVE-2025-20125?
CVE-2025-20125 is a vulnerability with a CVSS score of 9.1 (CRITICAL). A vulnerability in an API of Cisco ISE could allow an authenticated, remote attacker with valid read-only credentials to obtain sensitive information, change node configurations, and restart the node....
How severe is CVE-2025-20125?
CVE-2025-20125 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2025-20125?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Identity Services Engine.