Vulnerability Description
A vulnerability in the API of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker with administrative privileges to upload files to an affected device. This vulnerability is due to improper validation of the file copy function. An attacker could exploit this vulnerability by sending a crafted file upload request to a specific API endpoint. A successful exploit could allow the attacker to upload arbitrary files to an affected system.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Identity Services Engine | < 3.1.0 |
| Cisco | Identity Services Engine Passive Identity Connector | < 3.1.0 |
Related Weaknesses (CWE)
References
FAQ
What is CVE-2025-20130?
CVE-2025-20130 is a vulnerability with a CVSS score of 4.9 (MEDIUM). A vulnerability in the API of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker with administrative privileges to up...
How severe is CVE-2025-20130?
CVE-2025-20130 has been rated MEDIUM with a CVSS base score of 4.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-20130?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Identity Services Engine, Cisco Identity Services Engine Passive Identity Connector.