{"api_version":"1","generated_at":"2026-05-12T23:15:56+00:00","cve":"CVE-2026-20195","urls":{"html":"https://cve.report/CVE-2026-20195","api":"https://cve.report/api/cve/CVE-2026-20195.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-20195","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-20195"},"summary":{"title":"Cisco Identity Services Engine Observable Response Discrepancy Vulnerability","description":"A vulnerability in an identity management API endpoint of Cisco ISE could allow an unauthenticated, remote attacker to enumerate valid user accounts on an affected device.\r\n\r\nThis vulnerability exists because error messages are observed when the affected API endpoint is called. An attacker could exploit this vulnerability by sending a series of crafted requests to the affected endpoint and analyzing the differentiated responses. A successful exploit could allow the attacker to compile a list of valid usernames on an affected system.","state":"PUBLISHED","assigner":"cisco","published_at":"2026-05-06 17:16:21","updated_at":"2026-05-06 18:59:53"},"problem_types":["CWE-204","CWE-204 Observable Response Discrepancy"],"metrics":[{"version":"3.1","source":"psirt@cisco.com","type":"Primary","score":"5.3","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"}},{"version":"3.1","source":"CNA","type":"CVSSV3_1","score":"5.3","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","data":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":5.3,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","version":"3.1"}}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-unauth-bypass-uxjRXGpb","name":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-unauth-bypass-uxjRXGpb","refsource":"psirt@cisco.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-20195","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-20195","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Cisco","product":"Cisco Identity Services Engine Software","version":"affected 3.3.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Identity Services Engine Software","version":"affected 3.3 Patch 2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Identity Services Engine Software","version":"affected 3.3 Patch 1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Identity Services Engine Software","version":"affected 3.3 Patch 3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Identity Services Engine Software","version":"affected 3.4.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Identity Services Engine Software","version":"affected 3.3 Patch 4","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Identity Services Engine Software","version":"affected 3.4 Patch 1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Identity Services Engine Software","version":"affected 3.3 Patch 5","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Identity Services Engine Software","version":"affected 3.3 Patch 6","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Identity Services Engine Software","version":"affected 3.4 Patch 2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Identity Services Engine Software","version":"affected 3.3 Patch 7","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Identity Services Engine Software","version":"affected 3.4 Patch 3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Identity Services Engine Software","version":"affected 3.5.0","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Identity Services Engine Software","version":"affected 3.4 Patch 4","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Identity Services Engine Software","version":"affected 3.3 Patch 8","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Identity Services Engine Software","version":"affected 3.5 Patch 1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Identity Services Engine Software","version":"affected 3.3 Patch 9","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Identity Services Engine Software","version":"affected 3.4 Patch 5","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Identity Services Engine Software","version":"affected 3.5 Patch 3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Identity Services Engine Software","version":"affected 3.5 Patch 2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Identity Services Engine Software","version":"affected 3.3 Patch 10","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[{"source":"CNA","title":"","value":"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.","time":"","lang":"en"}],"credits":[],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"other":{"content":{"id":"CVE-2026-20195","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","timestamp":"2026-05-06T17:34:47.638851Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2026-05-06T17:48:38.355Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"defaultStatus":"unknown","product":"Cisco Identity Services Engine Software","vendor":"Cisco","versions":[{"status":"affected","version":"3.3.0"},{"status":"affected","version":"3.3 Patch 2"},{"status":"affected","version":"3.3 Patch 1"},{"status":"affected","version":"3.3 Patch 3"},{"status":"affected","version":"3.4.0"},{"status":"affected","version":"3.3 Patch 4"},{"status":"affected","version":"3.4 Patch 1"},{"status":"affected","version":"3.3 Patch 5"},{"status":"affected","version":"3.3 Patch 6"},{"status":"affected","version":"3.4 Patch 2"},{"status":"affected","version":"3.3 Patch 7"},{"status":"affected","version":"3.4 Patch 3"},{"status":"affected","version":"3.5.0"},{"status":"affected","version":"3.4 Patch 4"},{"status":"affected","version":"3.3 Patch 8"},{"status":"affected","version":"3.5 Patch 1"},{"status":"affected","version":"3.3 Patch 9"},{"status":"affected","version":"3.4 Patch 5"},{"status":"affected","version":"3.5 Patch 3"},{"status":"affected","version":"3.5 Patch 2"},{"status":"affected","version":"3.3 Patch 10"}]}],"descriptions":[{"lang":"en","value":"A vulnerability in an identity management API endpoint of Cisco ISE could allow an unauthenticated, remote attacker to enumerate valid user accounts on an affected device.\r\n\r\nThis vulnerability exists because error messages are observed when the affected API endpoint is called. An attacker could exploit this vulnerability by sending a series of crafted requests to the affected endpoint and analyzing the differentiated responses. A successful exploit could allow the attacker to compile a list of valid usernames on an affected system."}],"exploits":[{"lang":"en","value":"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":5.3,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","version":"3.1"},"format":"cvssV3_1"}],"problemTypes":[{"descriptions":[{"cweId":"CWE-204","description":"Observable Response Discrepancy","lang":"en","type":"cwe"}]}],"providerMetadata":{"dateUpdated":"2026-05-06T16:14:54.611Z","orgId":"d1c1063e-7a18-46af-9102-31f8928bc633","shortName":"cisco"},"references":[{"name":"cisco-sa-ise-unauth-bypass-uxjRXGpb","url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-unauth-bypass-uxjRXGpb"}],"source":{"advisory":"cisco-sa-ise-unauth-bypass-uxjRXGpb","defects":["CSCwr77445"],"discovery":"EXTERNAL"},"title":"Cisco Identity Services Engine Observable Response Discrepancy Vulnerability"}},"cveMetadata":{"assignerOrgId":"d1c1063e-7a18-46af-9102-31f8928bc633","assignerShortName":"cisco","cveId":"CVE-2026-20195","datePublished":"2026-05-06T16:14:54.611Z","dateReserved":"2025-10-08T11:59:15.396Z","dateUpdated":"2026-05-06T17:48:38.355Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-05-06 17:16:21","lastModifiedDate":"2026-05-06 18:59:53","problem_types":["CWE-204","CWE-204 Observable Response Discrepancy"],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}]},"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"20195","Ordinal":"1","Title":"Cisco Identity Services Engine Observable Response Discrepancy V","CVE":"CVE-2026-20195","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"20195","Ordinal":"1","NoteData":"A vulnerability in an identity management API endpoint of Cisco ISE could allow an unauthenticated, remote attacker to enumerate valid user accounts on an affected device.\r\n\r\nThis vulnerability exists because error messages are observed when the affected API endpoint is called. An attacker could exploit this vulnerability by sending a series of crafted requests to the affected endpoint and analyzing the differentiated responses. A successful exploit could allow the attacker to compile a list of valid usernames on an affected system.","Type":"Description","Title":"Cisco Identity Services Engine Observable Response Discrepancy V"}]}}}