CVE-2026-20148
Received Received - Intake
Path Traversal in Cisco ISE Allows Arbitrary File Access

Publication date: 2026-04-15

Last updated on: 2026-04-15

Assigner: Cisco Systems, Inc.

Description
A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to perform path traversal attacks on the underlying operating system and read arbitrary files. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected system. A successful exploit could allow the attacker to access sensitive files on the affected system.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-15
Last Modified
2026-04-15
Generated
2026-06-16
AI Q&A
2026-04-15
EPSS Evaluated
2026-06-15
NVD
CVE-2026-20148
EUVD
EUVD-2026-22963
Affected Vendors & Products
Showing 7 associated CPEs
Vendor Product Version / Range
cisco ise 3.1
cisco ise 3.2
cisco ise 3.3
cisco ise 3.4
cisco ise 3.5
cisco ise *
cisco ise-pic *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-22 The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-20148 is a path traversal vulnerability affecting Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC). It allows an authenticated remote attacker with valid administrative credentials to send specially crafted HTTP requests that exploit improper validation of user-supplied input.

By exploiting this vulnerability, the attacker can perform path traversal attacks on the underlying operating system, enabling them to read arbitrary files on the affected system.

Impact Analysis

This vulnerability can impact you by allowing an authenticated attacker to access sensitive files on your system without authorization. Since the attacker must have valid administrative credentials, the risk involves misuse of privileged access.

The ability to read arbitrary files could lead to exposure of confidential information, potentially compromising system security and privacy.

There are no workarounds available; the only way to remediate this vulnerability is by applying the fixed software updates provided by Cisco.

Detection Guidance

This vulnerability requires an authenticated attacker with valid administrative credentials to exploit it by sending crafted HTTP requests to the affected Cisco ISE or ISE-PIC systems.

There are no specific detection commands or network signatures provided in the available information to identify exploitation attempts or presence of this vulnerability.

Detection would typically involve monitoring for unusual or unauthorized administrative HTTP requests or reviewing logs for suspicious activity involving path traversal patterns, but no explicit commands or tools are mentioned.

Mitigation Strategies

The only effective mitigation for this vulnerability is to upgrade affected Cisco ISE and Cisco ISE-PIC systems to the fixed software releases provided by Cisco.

  • Upgrade to Cisco ISE 3.1 Patch 11 or later.
  • Upgrade to Cisco ISE 3.2 Patch 10 or later.
  • Upgrade to Cisco ISE 3.3 Patch 11 or later.
  • Upgrade to Cisco ISE 3.4 Patch 6 or later.
  • Upgrade to Cisco ISE 3.5 Patch 3 or later.

No workarounds or other mitigations are available; timely software updates are critical to prevent exploitation.

Compliance Impact

This vulnerability allows an authenticated attacker with administrative credentials to perform path traversal attacks and read arbitrary files on the affected system. Such unauthorized access to sensitive files could potentially lead to exposure of personal or protected data.

Because the vulnerability enables access to sensitive information, it could impact compliance with data protection regulations such as GDPR and HIPAA, which require safeguarding sensitive and personal data against unauthorized access.

However, the provided information does not explicitly discuss compliance implications or specific regulatory impacts.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-20148. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart