Identity Management API Vulnerability in Cisco ISE
CVE-2026-20195

5.3MEDIUM

Key Information:

Vendor: Cisco
Status: Cisco Identity Services Engine Software
Vendor: CVE Published:; 6 May 2026

Badges

👾 Exploit Exists

What is CVE-2026-20195?

A vulnerability exists in the identity management API endpoint of Cisco Identity Services Engine (ISE) that allows an unauthorized remote attacker to enumerate valid user accounts. This flaw arises from improper error handling, which reveals differentiated responses when the API endpoint receives certain crafted requests. An attacker can exploit this weakness by making consecutive requests to the endpoint and analyzing the resulting messages, thereby compiling a list of legitimate usernames on the device. Mitigation measures are essential to protect against unauthorized access and the potential exposure of sensitive user information.

Affected Version(s)

Cisco Identity Services Engine Software 3.3.0

Cisco Identity Services Engine Software 3.3 Patch 2

Cisco Identity Services Engine Software 3.3 Patch 1

References

https://sec.cloudapps.cisco.com/security/center/content/C...

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
May 6, 2026
Vulnerability published
May 6, 2026
Vulnerability Reserved
Oct 8, 2025

CVE-2026-20195 Data

JSON