嗯,用户让我帮忙总结一下这篇文章的内容,控制在100个字以内,而且不需要用“文章内容总结”或者“这篇文章”这样的开头。直接写文章描述即可。 首先,我需要通读整篇文章,抓住主要信息。文章讲的是Cisco修复了一个中等严重性的漏洞,CVE-2026-20029,CVSS评分4.9。这个漏洞存在于ISE和ISE-PIC的许可证功能中,问题出在XML解析不当。 然后,漏洞的影响是怎样的呢?攻击者可以通过上传恶意文件来读取任意文件,包括敏感数据。虽然需要管理员权限,但一旦被利用,后果严重。 文章还提到这个漏洞是由于一个公开的PoC利用被披露后才修复的。此外,没有可用的解决方法,所有版本都受到影响。最后提到研究人员Bobby Gould报告了这个漏洞,并且Cisco确认有公开的PoC代码,但目前没有恶意利用的证据。 现在我要把这些信息浓缩到100字以内。要包含Cisco修复漏洞、CVE编号、影响范围、攻击方式以及PoC的存在和当前状态。 可能的结构是:Cisco修复了ISE和ISE-PIC中的一个中等严重性漏洞(CVE-2026-20029),该漏洞因XML解析不当导致攻击者上传恶意文件读取敏感数据。该漏洞在公开PoC后被修复,所有版本受影响,目前无解决方法。 </think> Cisco修复了身份服务引擎(ISE)和被动身份连接器(ISE-PIC)中的一个中等严重性漏洞(CVE-2026-20029),该漏洞因XML解析不当导致攻击者上传恶意文件读取敏感数据。此漏洞在公开PoC后被修复,所有版本受影响且无解决方法。 2026-1-8 15:4:41 Author: securityaffairs.com(查看原文) 阅读量:6 收藏
Public PoC prompts Cisco patch for ISE, ISE-PIC vulnerability
Cisco addressed a medium-severity vulnerability in ISE and ISE-PIC after a public PoC exploit was disclosed.
Cisco addressed a medium-severity vulnerability, tracked as CVE-2026-20029 (CVSS score: 4.9), in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) after a public PoC exploit was disclosed.
The vulnerability resides in the licensing feature of Cisco ISE and ISE-PIC due to improper XML parsing in the web management interface. An authenticated remote attacker with administrative privileges could exploit it by uploading a malicious file, enabling the reading of arbitrary files on the underlying operating system that should not be accessible, even to administrators.
“A vulnerability in the licensing features of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker with administrative privileges to gain access to sensitive information.” reads the advisory. “This vulnerability is due to improper parsing of XML that is processed by the web-based management interface of Cisco ISE and Cisco ISE-PIC. An attacker could exploit this vulnerability by uploading a malicious file to the application. A successful exploit could allow the attacker to read arbitrary files from the underlying operating system that could include sensitive data that should otherwise be inaccessible even to administrators. To exploit this vulnerability, the attacker must have valid administrative credentials.”
The flaw impacts all Cisco ISE and ISE-PIC deployments regardless of configuration, and no workarounds are currently available.
Below is the list of the impacted releases:
| Cisco ISE or ISE-PIC Release | First Fixed Release |
|---|---|
| Earlier than 3.2 | Migrate to a fixed release. |
| 3.2 | 3.2 Patch 8 |
| 3.3 | 3.3 Patch 8 |
| 3.4 | 3.4 Patch 4 |
| 3.5 | Not vulnerable. |
The researcher Bobby Gould of Trend Micro Zero Day Initiative reported the flaw.
Cisco PSIRT confirms public PoC exploit code exists for the flaw but reports no evidence of active malicious exploitation so far.
“The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerability described in this advisory.The Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory.” concludes the report.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, ISE)
如有侵权请联系:admin#unsafe.sh