PT-2025-29858 · Cisco · Cisco ISE +1

Kentaro Kawane · Published 2025-06-25 · Updated 2025-07-24 · CVE-2025-20337

**CVSS v3.1:** 10 (Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)

**Name of the Vulnerable Software and Affected Versions:**

Cisco Identity Services Engine (ISE) versions 3.3 and 3.4

Cisco ISE-PIC versions 3.3 and 3.4

**Description:**

A critical vulnerability exists in a specific API within Cisco ISE and Cisco ISE-PIC due to insufficient validation of user-supplied input. This allows an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system with root privileges by submitting a crafted API request. No valid credentials are required for exploitation.

**Recommendations:**

- Cisco Identity Services Engine version 3.3: Upgrade to Patch 7 or later.
- Cisco Identity Services Engine version 3.4: Upgrade to Patch 2 or later.
- Cisco ISE-PIC version 3.3: Upgrade to Patch 7 or later.
- Cisco ISE-PIC version 3.4: Upgrade to Patch 2 or later.

**Tags:** Fix · RCE · Special Elements Injection

**Weakness Enumeration:**

**Related Identifiers:**

- BDU:2025-08631
- CVE-2025-20337
- ZDI-25-607

**Affected Products:**

- Cisco ISE
- Cisco ISE-PIC