Vulnerabilites related to cisco - 807_industrial_integrated_services_router
Vulnerability from fkie_nvd
Published
2022-04-15 15:15
Modified
2024-11-21 06:43
Severity ?
5.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Summary
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:cgr1000_compute_module:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EBD4C0D6-AB7B-48B5-B1BD-8EBAEAC51524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ic3000_industrial_compute_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6E9AF42D-A861-4585-8FA6-28BD3623681E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ir510_operating_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A90577A5-5077-4A3C-87D8-63A77B7FBE30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(5\\)e1:*:*:*:*:*:*:*",
"matchCriteriaId": "E027FB12-862F-413E-AA2B-4BBD90AE3650",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(5\\)e2c:*:*:*:*:*:*:*",
"matchCriteriaId": "E7131776-5DEB-4B96-8483-B81B538E24FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(6\\)e0a:*:*:*:*:*:*:*",
"matchCriteriaId": "C5B78669-3B28-4F1D-993D-85282A7D0E96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(6\\)e1:*:*:*:*:*:*:*",
"matchCriteriaId": "D3C73A3A-4B84-476F-AC3C-81DCB527E29A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(6\\)e2a:*:*:*:*:*:*:*",
"matchCriteriaId": "1758F264-96F9-4EE9-9CA9-AD5407885547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(7\\)e:*:*:*:*:*:*:*",
"matchCriteriaId": "6437E689-A049-4D48-AB7A-49CA7EBDE8B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(7\\)e0b:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C12918-E5BB-465E-9DA4-06B7351DD805",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.2\\(7\\)e0s:*:*:*:*:*:*:*",
"matchCriteriaId": "4862C453-8BD7-4D53-B2D6-CE3E44A4915A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(1\\)t1:*:*:*:*:*:*:*",
"matchCriteriaId": "EF662E36-0831-4892-850F-844B0E0B54DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(1\\)t2:*:*:*:*:*:*:*",
"matchCriteriaId": "1E71F49D-E405-4AB4-9188-DA7B338DFD7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(1\\)t3:*:*:*:*:*:*:*",
"matchCriteriaId": "204B0A52-F6AB-406B-B46D-E92F2D7D87F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(2\\)t:*:*:*:*:*:*:*",
"matchCriteriaId": "09578DDF-5D13-47C1-9BD1-A1A8B9B0C87D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(2\\)t0a:*:*:*:*:*:*:*",
"matchCriteriaId": "6DDCF08B-3A61-4B3D-BF35-ABB5F11EA7E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(2\\)t1:*:*:*:*:*:*:*",
"matchCriteriaId": "5BBF8B70-DFBE-4F6E-83F0-171F03E97606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(2\\)t2:*:*:*:*:*:*:*",
"matchCriteriaId": "CA55D660-66C6-4278-8C27-25DB2712CC1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(2\\)t3:*:*:*:*:*:*:*",
"matchCriteriaId": "5609B342-D98E-4850-A0FE-810699A80A1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m:*:*:*:*:*:*:*",
"matchCriteriaId": "8320F23D-F6BE-405B-B645-1CEB984E8267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m0a:*:*:*:*:*:*:*",
"matchCriteriaId": "4CE2670E-8C17-448D-A5BD-5A4FBCAEC35A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7C5C705-6A8C-4834-9D24-CFE26A232C15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m1a:*:*:*:*:*:*:*",
"matchCriteriaId": "691BA27E-77AB-4A30-916D-3BB916B05298",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m1b:*:*:*:*:*:*:*",
"matchCriteriaId": "CC270E40-CABA-44B4-B4DD-E9C47A97770B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m2:*:*:*:*:*:*:*",
"matchCriteriaId": "EC1DB8C1-7F7D-4562-A317-87E925CAD524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m2a:*:*:*:*:*:*:*",
"matchCriteriaId": "1A1887D9-E339-4DC6-BE24-A5FF15438B2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m3:*:*:*:*:*:*:*",
"matchCriteriaId": "8AB2645F-C3BF-458F-9D07-6D66E1953730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m3a:*:*:*:*:*:*:*",
"matchCriteriaId": "1B2303A3-CAF1-4DBA-BB6E-F205C23DCE6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m4:*:*:*:*:*:*:*",
"matchCriteriaId": "686FD45C-7722-4D98-A6D7-C36CAC56A4AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m5:*:*:*:*:*:*:*",
"matchCriteriaId": "871E33AC-B469-47BA-9317-DC9E3E9BF5C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m6:*:*:*:*:*:*:*",
"matchCriteriaId": "C4091CAC-BFAA-404C-A827-4DA9EADDF621",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m6a:*:*:*:*:*:*:*",
"matchCriteriaId": "E0DA9FCA-4166-4084-96AF-E82CC4A4DB25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m6b:*:*:*:*:*:*:*",
"matchCriteriaId": "369A99E0-3451-41D1-8C56-5352EA689950",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m7:*:*:*:*:*:*:*",
"matchCriteriaId": "33D4A7FA-E4E0-49C2-97FD-A547A1612F75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m8:*:*:*:*:*:*:*",
"matchCriteriaId": "DA0B918F-A28C-4B5A-A566-6E588B4F6696",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.6\\(3\\)m9:*:*:*:*:*:*:*",
"matchCriteriaId": "436114F2-D906-4469-99C4-10B75253B3D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m:*:*:*:*:*:*:*",
"matchCriteriaId": "9C8A00BF-4522-467B-A96E-5C33623DCA2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m0a:*:*:*:*:*:*:*",
"matchCriteriaId": "D2A434E7-B27C-4663-BE83-39A650D22D26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m1:*:*:*:*:*:*:*",
"matchCriteriaId": "47C106CF-CBD3-4630-8E77-EDB1643F97E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m2:*:*:*:*:*:*:*",
"matchCriteriaId": "A1DB7943-5CE1-44F6-B093-5EA65BF71A59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m3:*:*:*:*:*:*:*",
"matchCriteriaId": "64404B00-4956-47B8-ACDB-88E365E97212",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m4:*:*:*:*:*:*:*",
"matchCriteriaId": "6FE6A696-5CBC-4552-A54E-55C21BC74D7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m4a:*:*:*:*:*:*:*",
"matchCriteriaId": "41237041-1D82-4C6C-BF48-ECEDF9DB08C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m4b:*:*:*:*:*:*:*",
"matchCriteriaId": "CAB72CA3-088E-4EFE-BE1C-190C64101851",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m5:*:*:*:*:*:*:*",
"matchCriteriaId": "FA584AC4-96AB-4026-84DF-F44F3B97F7E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m6:*:*:*:*:*:*:*",
"matchCriteriaId": "22EB41FD-4DE2-4753-A18C-C877B81B51D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m7:*:*:*:*:*:*:*",
"matchCriteriaId": "158EDE62-04C9-471B-B243-309D49583E67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m8:*:*:*:*:*:*:*",
"matchCriteriaId": "D8609F10-2B43-4BDC-AAF1-80D589910EF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.7\\(3\\)m9:*:*:*:*:*:*:*",
"matchCriteriaId": "270A1FF4-8541-4026-AE2D-7D500DC401E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m:*:*:*:*:*:*:*",
"matchCriteriaId": "5A58C01B-459E-432F-A49F-68EC45EE6E14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m0a:*:*:*:*:*:*:*",
"matchCriteriaId": "D8DFE673-9A5E-4369-A7BB-3DE7F8E503C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m0b:*:*:*:*:*:*:*",
"matchCriteriaId": "4125EE35-ED52-4350-A4CE-E90EA8ED6BAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m1:*:*:*:*:*:*:*",
"matchCriteriaId": "56AD5BA0-4D08-4A92-88BE-60AF29BC35CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m1a:*:*:*:*:*:*:*",
"matchCriteriaId": "2881C5EA-0AC7-4074-A4FD-9FA33E3F60A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m2:*:*:*:*:*:*:*",
"matchCriteriaId": "198FF520-7631-49D9-B8A8-2E64F6237CC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m2a:*:*:*:*:*:*:*",
"matchCriteriaId": "94E067E8-552B-4691-9F6A-C5E8766287BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m3:*:*:*:*:*:*:*",
"matchCriteriaId": "3C4162EC-90DE-4194-8ABC-55CCB8C24FF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m3a:*:*:*:*:*:*:*",
"matchCriteriaId": "405CC56E-574F-4983-B492-C8811FAF06E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m3b:*:*:*:*:*:*:*",
"matchCriteriaId": "B1829074-66F9-4B3B-A084-B88D838CFC44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m4:*:*:*:*:*:*:*",
"matchCriteriaId": "6715A135-61A7-4E56-948D-8A8D5F7C98C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m5:*:*:*:*:*:*:*",
"matchCriteriaId": "4C836C26-DBC1-42CB-9B73-9F248D4F2B6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m6:*:*:*:*:*:*:*",
"matchCriteriaId": "B2CC4602-D1F5-4843-991A-2903C8336251",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.8\\(3\\)m7:*:*:*:*:*:*:*",
"matchCriteriaId": "7BCCD64D-D73C-45FE-B49C-F79E23431B37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m:*:*:*:*:*:*:*",
"matchCriteriaId": "EEFE8A85-7F63-4E4C-A3FE-7B7E27AD1DF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m0a:*:*:*:*:*:*:*",
"matchCriteriaId": "0807458A-2453-4575-AE19-0DE15E04B88C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m1:*:*:*:*:*:*:*",
"matchCriteriaId": "9BA0A0E0-A9D8-4FC3-88BD-FA0E7290A9A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m2:*:*:*:*:*:*:*",
"matchCriteriaId": "6A1AF57E-79E9-40F2-817A-5E7D2760F1E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m2a:*:*:*:*:*:*:*",
"matchCriteriaId": "BEF9CEA3-054B-4469-A10F-DFCB9057E5E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m3:*:*:*:*:*:*:*",
"matchCriteriaId": "B8313597-49A9-4918-B8D5-8E53C5C9AFAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m3a:*:*:*:*:*:*:*",
"matchCriteriaId": "31D6B0E4-92F1-42FD-92DA-887D3D38CEBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m3b:*:*:*:*:*:*:*",
"matchCriteriaId": "13C6DA27-2445-4850-B0EF-82EE8C01C0B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m4:*:*:*:*:*:*:*",
"matchCriteriaId": "63BEFCC8-CC04-4C41-B31A-BF01E40FA1AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:15.9\\(3\\)m4a:*:*:*:*:*:*:*",
"matchCriteriaId": "F0E473CF-FE4B-4DBE-9EBE-337AE415FA4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "296636F1-9242-429B-8472-90352C056106",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "77993343-0394-413F-ABF9-C1215E9AD800",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "283971DD-DD58-4A76-AC2A-F316534ED416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A8F324A5-4830-482E-A684-AB3B6594CEAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E8120196-8648-49D0-8262-CD4C9C90C37A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "33E7CCE2-C685-4019-9B55-B3BECB3E5F76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.5b:*:*:*:*:*:*:*",
"matchCriteriaId": "0699DD6E-BA74-4814-93AB-300329C9D032",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C2E2D781-2684-45F1-AC52-636572A0DCA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "479FB47B-AF2E-4FCB-8DE0-400BF325666C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DF2B4C78-5C31-4F3D-9639-305E15576E79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "2C09F0A2-B21F-40ED-A6A8-9A29D6E1C6A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "32BA13F4-EF9C-4368-B8B1-9FD9FAF5CEFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "13CB889F-B064-4CAC-99AC-903745ACA566",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "77E8AF15-AB46-4EAB-8872-8C55E8601599",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "957318BE-55D4-4585-AA52-C813301D01C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8F11B703-8A0F-47ED-AA70-951FF78B94A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FE7B2557-821D-4E05-B5C3-67192573D97D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.5.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "5EE6EC32-51E4-43A3-BFB9-A0D842D08E87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.5.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "187F699A-AF2F-42B0-B855-27413140C384",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7E0B905E-4D92-4FD6-B2FF-41FF1F59A948",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "62EDEC28-661E-42EF-88F0-F62D0220D2E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F821EBD7-91E2-4460-BFAF-18482CF6CB8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E36D2D24-8F63-46DE-AC5F-8DE33332EBC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C9B825E6-5929-4890-BDBA-4CF4BD2314C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "65020120-491D-46CD-8C73-974B6F4C11E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "7ADDCD0A-6168-45A0-A885-76CC70FE2FC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.4s:*:*:*:*:*:*:*",
"matchCriteriaId": "3F35C623-6043-43A6-BBAA-478E185480CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D83E34F4-F4DD-49CC-9C95-93F9D4D26B42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "D2833EAE-94C8-4279-A244-DDB6E2D15DC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.5b:*:*:*:*:*:*:*",
"matchCriteriaId": "4B688E46-5BAD-4DEC-8B13-B184B141B169",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8C8F50DB-3A80-4D89-9F7B-86766D37338B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "DBFC70A2-87BC-4898-BCF3-57F7B1DD5F10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.7a:*:*:*:*:*:*:*",
"matchCriteriaId": "3F13F583-F645-4DF0-A075-B4F19D71D128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "CB8DA556-ABF3-48D0-95B8-E57DBE1B5A09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "01B53828-C520-4845-9C14-6C7D50EAA3A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "20F23DB7-6F8E-470A-9B43-0ACEEF331C38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "623BF701-ADC9-4F24-93C5-043A6A7FEF5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.7.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "E5311FBE-12BF-41AC-B8C6-D86007834863",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.7.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "52FB055E-72F9-4CB7-A51D-BF096BD1A55D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0FBD681F-7969-42BE-A47E-7C287755DCB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "98255E6F-3056-487D-9157-403836EFB9D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "521ACFB0-4FB2-44DB-AD7B-C27F9059DE66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "57D4F634-03D5-4D9F-901C-7E9CE45F2F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "4463A1D1-E169-4F0B-91B2-FA126BB444CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "D97F69C3-CAA6-491C-A0B6-6DC12B5AB472",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "CDD58C58-1B0C-4A71-8C02-F555CEF9C253",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1d:*:*:*:*:*:*:*",
"matchCriteriaId": "96852D16-AF50-4C70-B125-D2349E6765D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1e:*:*:*:*:*:*:*",
"matchCriteriaId": "A15B882A-BA60-4932-A55E-F4A798B30EEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "5C9C585C-A6EC-4385-B915-046C110BF95F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5EC2EE60-4A07-4D92-B9BC-BF07CF4F2BE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "47DBE4ED-1CD8-4134-9B33-17A91F44F17B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "119A964D-ABC8-424D-8097-85B832A833BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "0375BF9E-D04B-4E5B-9051-536806ECA44E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "2266E5A2-B3F6-4389-B8E2-42CB845EC7F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "012A6CF7-9104-4882-9C95-E6D4458AB778",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1d:*:*:*:*:*:*:*",
"matchCriteriaId": "5AF5214D-9257-498F-A3EB-C4EC18E2FEB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "78DE7780-4E8B-4BB6-BDEB-58032EC65851",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F29CEE37-4044-4A3C-9685-C9C021FD346A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "3DC5BB06-100F-42C9-8CEB-CC47FD26DDF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "5292764A-7D1C-4E04-86EF-809CB68EDD25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E1FDA817-3A50-4B9E-8F4E-F613BDB3E9EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "1E16D266-108F-4F8A-998D-F1CA25F2EAAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.3h:*:*:*:*:*:*:*",
"matchCriteriaId": "F84AE35F-D016-4B8F-8FE2-C2ACB200DFED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "41D55481-C80E-4400-9C3D-9F6B1F7F13CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E4BF9829-F80E-4837-A420-39B291C4E17B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.4c:*:*:*:*:*:*:*",
"matchCriteriaId": "D07F9539-CFBE-46F7-9F5E-93A68169797D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F5AB80E7-0714-44ED-9671-12C877B36A1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.5f:*:*:*:*:*:*:*",
"matchCriteriaId": "10182B94-6831-461E-B0FC-9476EAB6EBEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "961F8312-31B9-44E7-8858-EF8E2134F447",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3D62EE1B-9A59-406C-B7DF-91B495F3ECFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.9.8:*:*:*:*:*:*:*",
"matchCriteriaId": "79CF8D4E-F82A-469C-A8C2-0C203A800A05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DB6BD18B-B9BD-452F-986E-16A6668E46B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "D136D2BC-FFB5-4912-A3B1-BD96148CB9A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "A22256FE-431C-4AD9-9E7F-7EAC2D81B1B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "5CD5B3AB-27C2-4055-A3B7-0112D089FDA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1d:*:*:*:*:*:*:*",
"matchCriteriaId": "04081A51-E08F-4114-9276-584E836181D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1e:*:*:*:*:*:*:*",
"matchCriteriaId": "ADED0D82-2A4D-4235-BFAC-5EE2D862B652",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1f:*:*:*:*:*:*:*",
"matchCriteriaId": "62A46516-CEB7-48D4-879B-341963A1FA31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1g:*:*:*:*:*:*:*",
"matchCriteriaId": "D6EF98FA-6DF9-4935-9639-143E08462BC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "763664F5-E6CD-4936-B2F8-C5E2D5EA7BB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0A443E93-6C4B-4F86-BA7C-7C2A929E795A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.10.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6ECEDD9D-6517-44BA-A95F-D1D5488C0E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E91F8704-6DAD-474A-84EA-04E4AF7BB9B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "314C7763-A64D-4023-9F3F-9A821AE4151F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "5820D71D-FC93-45AA-BC58-A26A1A39C936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "FC1C85DD-69CC-4AA8-B219-651D57FC3506",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "DB26AE0F-85D8-4EAB-B9BD-457DD81FF0FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B53E377A-0296-4D7A-B97C-576B0026543D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C98DED36-D4B5-48D6-964E-EEEE97936700",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "CD98C9E8-3EA6-4160-970D-37C389576516",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "C8BEFEDA-B01A-480B-B03D-7ED5D08E4B67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "9027A528-2588-4C06-810B-5BB313FE4323",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1t:*:*:*:*:*:*:*",
"matchCriteriaId": "7745ED34-D59D-49CC-B174-96BCA03B3374",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "19AF4CF3-6E79-4EA3-974D-CD451A192BA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1x:*:*:*:*:*:*:*",
"matchCriteriaId": "313BD54C-073C-4F27-82D5-C99EFC3A20F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.1y:*:*:*:*:*:*:*",
"matchCriteriaId": "93B96E01-3777-4C33-9225-577B469A6CE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E5019B59-508E-40B0-9C92-2C26F58E2FBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "443D78BA-A3DA-4D1F-A4DF-2F426DC6B841",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2s:*:*:*:*:*:*:*",
"matchCriteriaId": "1986DB1F-AD0A-42FE-8EC8-F18BA1AD4F99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.2t:*:*:*:*:*:*:*",
"matchCriteriaId": "3C6FB4DC-814D-49D2-BBE2-3861AE985A1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D5750264-2990-4942-85F4-DB9746C5CA2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "02352FD8-2A7B-41BD-9E4A-F312ABFDF3EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.3s:*:*:*:*:*:*:*",
"matchCriteriaId": "B9173AD6-6658-4267-AAA7-D50D0B657528",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7F02EE9D-45B1-43D6-B05D-6FF19472216B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "1C1DBBCD-4C5A-43BB-8FB0-6F1AF99ED0D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8FCB9440-F470-45D1-AAFA-01FB5D76B600",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.12.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "3F66ECFE-B631-47AE-995F-024A4E586A85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E306B09C-CB48-4067-B60C-5F738555EEAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "CD446C51-E713-4E46-8328-0A0477D140D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "4FF0DD16-D76A-45EA-B01A-20C71AEFA3B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1t:*:*:*:*:*:*:*",
"matchCriteriaId": "4BDD0CEC-4A19-438D-B2A1-8664A1D8F3C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "89369318-2E83-489F-B872-5F2E247BBF8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8B4D4659-A304-459F-8AB3-ED6D84B44C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4B7EE7C7-D6C1-4C35-8C80-EAF3FC7E7EFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "B51FA707-8DB1-4596-9122-D4BFEF17F400",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1r:*:*:*:*:*:*:*",
"matchCriteriaId": "C04DF35A-1B6F-420A-8D84-74EB41BF3700",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1v:*:*:*:*:*:*:*",
"matchCriteriaId": "211CC9B2-6108-4C50-AB31-DC527C43053E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "75CCB5F1-27F5-4FF9-8389-0A9ABCF7F070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "08DCCBA3-82D2-4444-B5D3-E5FC58D024F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "128F95D7-E49F-4B36-8F47-823C0298449E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "E21B3881-37E9-4C00-9336-12C9C28D1B61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "E54599DB-A85E-4EEA-9985-2CBF90E28A08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1x:*:*:*:*:*:*:*",
"matchCriteriaId": "4046C325-7EDB-4C95-AA98-541BEC8F9E0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1z:*:*:*:*:*:*:*",
"matchCriteriaId": "E5B70A3D-CBE1-4218-A7B4-F85741A57BD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2B270A04-9961-4E99-806B-441CD674AFBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "1360069D-0358-4746-8C3F-44C2A40988D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C5DD2403-113B-4100-8BD4-90E1927E6648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "A35FFA44-9A59-4C20-9D86-C40B68BD5F77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DAF73937-BCE2-4BEF-B4B0-83212DA4A6C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "2DDB1E60-C2A9-4570-BE80-F3D478A53738",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4b:*:*:*:*:*:*:*",
"matchCriteriaId": "9841799A-87E2-46AE-807A-824981EAB35A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4c:*:*:*:*:*:*:*",
"matchCriteriaId": "0CEF022B-271F-4017-B74B-82748D5EBA01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5A6B707B-4543-41F1-83DF-49A93BF56FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "DC8F611B-D347-4A21-90E6-56CF4D8A35A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "D9A92CE4-B4B0-4C14-AE11-8DFE511406F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "298C82F9-79A6-4DB7-8432-8B3A6DA39620",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "274E3E6F-4280-4EAE-B102-1BE57FE1F1D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "46B52A51-51DB-4A12-AB1D-8D9605226599",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "938B0720-8CA7-43BA-9708-5CE9EC7A565A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.5.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "D4BE7166-DBD3-4CE6-A14A-725FE896B85E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4DE62C4B-7C06-4907-BADE-416C1618D2D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "0C60DF3F-DBD9-4BBF-812E-4BB0C47BDF3C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:800m_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E9F9D3C-8221-4C79-97A3-9FEA81DE977F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:807_industrial_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EEA0369-B5B1-41FD-98EE-F7F4EAB9863D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:812_3g_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A0EEEB5-8305-4A57-9904-D81551FB6A81",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:812_cifi_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8D371C4-7034-4675-931D-E6A208FD901C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:819_hardened_dual_radio_802.11n_wifi_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FAF3EFC2-EF88-47E6-B174-7561A19FB543",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:819_hardened_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30FCD835-282D-440A-833D-771F6EC7A93D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:829_industrial_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "398D63B0-F15B-409B-AFBC-DE6C94FAF815",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:860vae-w_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C9C511D-7D5E-4758-A335-70019EBD9F8C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:861_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E109E908-78B9-44ED-8719-B057057C2185",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:861w_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "31F8D515-3D54-459F-8CE7-FFA91439C0D3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:866vae_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "510B60EF-AA4D-469F-8EEF-133F354DDF55",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:867_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF7E6C9E-326B-42EF-86D4-4FB2C13E2BA4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:867vae_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D562373-BD3F-4690-928F-9FE0325A3379",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:880-voice_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB62165B-6CA9-4DD8-8A36-B658F61FF9EF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:880_3g_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A2F1852-8ADC-42E0-8D05-961A733523D1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:881-cube_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA5ACE25-8C18-49B0-AFFC-17CB30F61930",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:881_3g_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB6E4CF5-D944-4281-94E5-72BC5437BC62",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:881_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CFB6E8CC-89B8-490A-BFCF-FA9D55543B21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:881w_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "480629DC-DA23-4A9E-B90F-E8AB894C9353",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:886_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCEBDDE6-0EA0-4C2B-9A04-87236312A269",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:886va-cube_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D3EA60A-1BA9-43E8-AF81-914846C26CC1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:886va-w_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA7C5306-B810-4036-A241-7178F48ABE8E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:886va_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5413C7E7-F55C-4158-ABDF-2D8844B96680",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:886vag_3g_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6745ADF-DCE3-42C3-A548-F9E44AEE88CC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:887_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEFD38B2-348F-4EF2-A9B7-40A9AA5FF511",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:887v_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4F9EA2E-9EE7-4F68-9765-C78F85624F2D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:887va-cube_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1563AC8D-4E4D-4126-8C5D-84B449AAEF57",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:887va-w_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3945CCD-E6F5-412D-9935-160BCD664B10",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:887va_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0C23393-F7BB-4BA9-81A5-C298D84EBF0B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:887vag_3g_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61B623C2-D81B-430B-9FD2-E2764EE94809",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:887vam-w_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "828E07F6-1E92-4990-AEBC-DBFE4B5B2DE4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:887vamg_3g_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08B77C60-06E0-47FF-8CD4-35FE5C60FF95",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:888-cube_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E97DA13-D485-42BE-A0E9-F40A0C823735",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:888_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E984A1EA-728A-4663-8494-1787AB5D93C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:888e-cube_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "35D9B6C7-A707-41CD-953F-5773FB3F7685",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:888e_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "716E154A-5586-4F58-8203-EC8256E00BAD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:888eg_3g_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CC0F79A-52CA-46A6-9C6A-0596718053E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:888w_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8054E665-E4DA-4453-A34B-830B69D273A7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:891-24x_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BEA480B3-25E2-4B05-9F46-417B696789B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:891_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "526558F9-C72D-4DDA-B0DF-CAF7B97E30C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:891w_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4B9D069-85C0-4299-BCAF-441A2D6227BF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:892_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53AFBDFF-3D83-4685-82EE-A9EA4DC09241",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:892f-cube_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB4AF464-B247-40CF-A2B5-1B278303418B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:892w_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D674C533-304A-42A4-97EE-1CA39908E888",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:cgr_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D4F35B7-7A47-45B7-967C-AB749BE346AA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:cgr_1120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1119E8B9-53A3-4724-9EEB-F4A35F9F59E1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:cgr_1240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4089B3FB-EC0D-408D-A75E-942E23BECB72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ic3000_industrial_compute_gateway:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B1DEE8B-C9B3-4E45-BBBD-C3DF2A61C349",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ie-4000-16gt4g-e_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45EC8751-C17A-4F75-B88A-5778E2496462",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ie-4000-16t4g-e_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C52B1C4-A42A-42AC-ABB3-F2B289F47B8B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ie-4000-4gc4gp4g-e_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19155C80-7068-4E3A-88EA-9F90C1B14ABC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ie-4000-4gs8gp4g-e_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64234EBB-B47D-4B2A-A46D-2AA234E0ECC8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ie-4000-4s8p4g-e_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C4975AA-722F-43AB-A762-88D5A00FC7EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ie-4000-4t4p4g-e_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A76C5B3B-03FF-47C0-88B1-A5AB932D02DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ie-4000-4tc4g-e_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA64B716-2D79-4B4E-8007-C4575AA68E8B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ie-4000-8gs4g-e_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "763B3611-7EE1-455F-96C7-0A2E83D22AF1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ie-4000-8gt4g-e_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F2D391F-27DE-48E6-9AA3-36A8C672A6AB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ie-4000-8gt8gp4g-e_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DE4E5E0-F7E8-43BC-9AFC-159D6B2B4344",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ie-4000-8s4g-e_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BBAC7B1-693D-40F8-90BB-6290E3DCD5A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ie-4000-8t4g-e_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43AF8063-E30D-411B-9CEC-25E336E5E4E4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ie-4010-16s12p_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A359421-6CD3-43E0-94FC-20C76756C7EC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ie-4010-4s24p_industrial_ethernet_switch:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0F9DF32-3E0B-47FA-912A-FCE948BA768E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:ir510_wpan:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D29EAD2C-C9A3-4129-8C4F-1C0963826FA4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades en el entorno de alojamiento de aplicaciones Cisco IOx en varias plataformas de Cisco podr\u00edan permitir a un atacante inyectar comandos arbitrarios en el sistema operativo anfitri\u00f3n subyacente, ejecutar c\u00f3digo arbitrario en el sistema operativo anfitri\u00f3n subyacente, instalar aplicaciones sin ser autenticado o conducir un ataque de tipo cross-site scripting (XSS) contra un usuario del software afectado. Para m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Details de este aviso"
}
],
"id": "CVE-2022-20725",
"lastModified": "2024-11-21T06:43:25.270",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 4.2,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-15T15:15:13.510",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-q2v9-qpmg-4qc4"
},
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-q2v9-qpmg-4qc4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-09-24 18:15
Modified
2024-11-21 05:31
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Summary
A vulnerability in the implementation of the Low Power, Wide Area (LPWA) subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data or cause a denial of service (DoS) condition. The vulnerability is due to a lack of input and validation checking mechanisms for virtual-LPWA (VLPWA) protocol modem messages. An attacker could exploit this vulnerability by supplying crafted packets to an affected device. A successful exploit could allow the attacker to gain unauthorized read access to sensitive data or cause the VLPWA interface of the affected device to shut down, resulting in DoS condition.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B6230A85-30D2-4934-A8A0-11499B7B09F8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:1120_connected_grid_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6835F8AD-B55D-4B57-B3B5-0095E309B2B3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:1240_connected_grid_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1AB6ACAE-8C89-48F6-95BA-DE32F4F81FE6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:807_industrial_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EEA0369-B5B1-41FD-98EE-F7F4EAB9863D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:809_industrial_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF4558F1-B87C-439F-AF8F-C19AACAB80E0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:829_industrial_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "398D63B0-F15B-409B-AFBC-DE6C94FAF815",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the implementation of the Low Power, Wide Area (LPWA) subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data or cause a denial of service (DoS) condition. The vulnerability is due to a lack of input and validation checking mechanisms for virtual-LPWA (VLPWA) protocol modem messages. An attacker could exploit this vulnerability by supplying crafted packets to an affected device. A successful exploit could allow the attacker to gain unauthorized read access to sensitive data or cause the VLPWA interface of the affected device to shut down, resulting in DoS condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la implementaci\u00f3n del subsistema Low Power, Wide Area (LPWA) de Cisco IOS Software para Cisco 800 Series Industrial Integrated Services Routers (Industrial ISRs) y Cisco 1000 Series Connected Grid Routers (CGR1000), podr\u00eda permitir a un atacante remoto no autenticado conseguir acceso de lectura no autorizado a datos confidenciales o causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS).\u0026#xa0;La vulnerabilidad es debido a la falta de mecanismos de comprobaci\u00f3n de entrada para mensajes de m\u00f3dem de protocolo virtual-LPWA (VLPWA).\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el suministro de paquetes dise\u00f1ados hacia un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante conseguir acceso de lectura no autorizado a datos confidenciales o hacer que la interfaz VLPWA del dispositivo afectado se apague, resultando una condici\u00f3n DoS."
}
],
"id": "CVE-2020-3426",
"lastModified": "2024-11-21T05:31:02.753",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-09-24T18:15:19.290",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-lpwa-access-cXsD7PRA"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-lpwa-access-cXsD7PRA"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2025-05-07 18:15
Modified
2025-07-11 14:55
Severity ?
Summary
A vulnerability in the Cisco IOx application hosting environment of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the Cisco IOx application hosting environment to stop responding, resulting in a denial of service (DoS) condition.
This vulnerability is due to the improper handling of HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to cause the Cisco IOx application hosting environment to stop responding. The IOx process will need to be manually restarted to recover services.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED5527C-A638-4E20-9928-099E32E17743",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1A685A9A-235D-4D74-9D6C-AC49E75709CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "43052998-0A27-4E83-A884-A94701A3F4CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "89526731-B712-43D3-B451-D7FC503D2D65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "302933FE-4B6A-48A3-97F0-4B943251B717",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "296636F1-9242-429B-8472-90352C056106",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "77993343-0394-413F-ABF9-C1215E9AD800",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "283971DD-DD58-4A76-AC2A-F316534ED416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A8F324A5-4830-482E-A684-AB3B6594CEAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E8120196-8648-49D0-8262-CD4C9C90C37A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "33E7CCE2-C685-4019-9B55-B3BECB3E5F76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.5b:*:*:*:*:*:*:*",
"matchCriteriaId": "0699DD6E-BA74-4814-93AB-300329C9D032",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C2E2D781-2684-45F1-AC52-636572A0DCA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "479FB47B-AF2E-4FCB-8DE0-400BF325666C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DF2B4C78-5C31-4F3D-9639-305E15576E79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "2C09F0A2-B21F-40ED-A6A8-9A29D6E1C6A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "32BA13F4-EF9C-4368-B8B1-9FD9FAF5CEFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "13CB889F-B064-4CAC-99AC-903745ACA566",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "77E8AF15-AB46-4EAB-8872-8C55E8601599",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "957318BE-55D4-4585-AA52-C813301D01C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8F11B703-8A0F-47ED-AA70-951FF78B94A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FE7B2557-821D-4E05-B5C3-67192573D97D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.5.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "5EE6EC32-51E4-43A3-BFB9-A0D842D08E87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.5.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "187F699A-AF2F-42B0-B855-27413140C384",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7E0B905E-4D92-4FD6-B2FF-41FF1F59A948",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:16.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "62EDEC28-661E-42EF-88F0-F62D0220D2E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E306B09C-CB48-4067-B60C-5F738555EEAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "CD446C51-E713-4E46-8328-0A0477D140D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1s:*:*:*:*:*:*:*",
"matchCriteriaId": "4FF0DD16-D76A-45EA-B01A-20C71AEFA3B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.1t:*:*:*:*:*:*:*",
"matchCriteriaId": "4BDD0CEC-4A19-438D-B2A1-8664A1D8F3C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8B4D4659-A304-459F-8AB3-ED6D84B44C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4B7EE7C7-D6C1-4C35-8C80-EAF3FC7E7EFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "B51FA707-8DB1-4596-9122-D4BFEF17F400",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1r:*:*:*:*:*:*:*",
"matchCriteriaId": "C04DF35A-1B6F-420A-8D84-74EB41BF3700",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.1v:*:*:*:*:*:*:*",
"matchCriteriaId": "211CC9B2-6108-4C50-AB31-DC527C43053E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "75CCB5F1-27F5-4FF9-8389-0A9ABCF7F070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "08DCCBA3-82D2-4444-B5D3-E5FC58D024F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "128F95D7-E49F-4B36-8F47-823C0298449E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "E21B3881-37E9-4C00-9336-12C9C28D1B61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "E54599DB-A85E-4EEA-9985-2CBF90E28A08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1x:*:*:*:*:*:*:*",
"matchCriteriaId": "4046C325-7EDB-4C95-AA98-541BEC8F9E0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.1z:*:*:*:*:*:*:*",
"matchCriteriaId": "E5B70A3D-CBE1-4218-A7B4-F85741A57BD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2B270A04-9961-4E99-806B-441CD674AFBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "1360069D-0358-4746-8C3F-44C2A40988D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C5DD2403-113B-4100-8BD4-90E1927E6648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DAF73937-BCE2-4BEF-B4B0-83212DA4A6C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "2DDB1E60-C2A9-4570-BE80-F3D478A53738",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4b:*:*:*:*:*:*:*",
"matchCriteriaId": "9841799A-87E2-46AE-807A-824981EAB35A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.4c:*:*:*:*:*:*:*",
"matchCriteriaId": "0CEF022B-271F-4017-B74B-82748D5EBA01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6B2902D8-3A7B-4C47-9BC6-8CA4C580A346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "8871B890-78F4-4D9D-AEFF-6A393493C51E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.5b:*:*:*:*:*:*:*",
"matchCriteriaId": "9E489AC5-A445-44FF-AA85-F0915577384E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "917BA05C-2A18-4C68-B508-85C2B5A94416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "06337791-7D8D-4EAA-BACC-4E270F377B3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "336A8630-653C-4E28-8DE1-76CDD8573980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.3.8a:*:*:*:*:*:*:*",
"matchCriteriaId": "0A1767AE-7D9F-4BAA-90E1-CF8314CD0B53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5A6B707B-4543-41F1-83DF-49A93BF56FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "DC8F611B-D347-4A21-90E6-56CF4D8A35A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "D9A92CE4-B4B0-4C14-AE11-8DFE511406F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "274E3E6F-4280-4EAE-B102-1BE57FE1F1D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.4.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "46B52A51-51DB-4A12-AB1D-8D9605226599",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "938B0720-8CA7-43BA-9708-5CE9EC7A565A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.5.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "D4BE7166-DBD3-4CE6-A14A-725FE896B85E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4DE62C4B-7C06-4907-BADE-416C1618D2D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "0C60DF3F-DBD9-4BBF-812E-4BB0C47BDF3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "26FEE2E2-DD85-4006-8895-0BDA04E8EE4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1x:*:*:*:*:*:*:*",
"matchCriteriaId": "A0CD237B-2843-4D37-87D7-AE6D1A53458A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1y:*:*:*:*:*:*:*",
"matchCriteriaId": "1B80614B-6362-45F0-B305-2F137B053DCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1z:*:*:*:*:*:*:*",
"matchCriteriaId": "47B20C7E-1C9C-4EF4-91E4-388643C4B9C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.1z1:*:*:*:*:*:*:*",
"matchCriteriaId": "EB7966A0-D84D-47F7-AED9-D041BCDA6703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "04D19D8C-FACF-49B4-BA99-CC3A3FDADAFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0B78942C-BEE1-4D18-9075-8E1D991BF621",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "5B306D35-4A13-4D23-8EC2-D000E8ADCDA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9F21093D-1036-4F6B-B90F-ACE1EF99EA33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "280D24C6-A2BF-46E8-B512-6A3FA7833922",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "1F903F51-ABF4-49B0-A5BA-A6B51F79666F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F244E7-8EE9-4E58-83FA-EEDD3C8F792D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.6a:*:*:*:*:*:*:*",
"matchCriteriaId": "5238B1D1-740D-4B37-A0CB-1B3343E55D05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "27E0750C-A622-49D6-A8EF-B59E2F8F1912",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2258D93E-71AA-4964-A5DF-008E3479F2A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.6.8a:*:*:*:*:*:*:*",
"matchCriteriaId": "608ACC60-143B-4835-B6AC-E6C3111B4078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "38B87B17-C653-40AC-8AE4-066BB1123C88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.7.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "9012A66E-82C4-4ACF-A4BB-37EC54B87B50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.7.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "9C945710-7DC3-43D9-9FBE-F2A1B8666C73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "849C6FF1-F7C0-4021-BCA2-A791C87E4F37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7592C7E3-3735-425F-A276-9EE03224CD5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.8.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "1103BE75-EB64-4A9A-801E-EDE6A1F861F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5B0C2129-8149-4362-827C-A5494C9D398B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "7452C7E9-6241-42C5-9A7F-13C0BD38A2B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "38C48FC4-5362-4B61-8B8C-7CAFFB81045E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1x:*:*:*:*:*:*:*",
"matchCriteriaId": "2BC43383-DF99-4D38-A220-0A202623B36A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1x1:*:*:*:*:*:*:*",
"matchCriteriaId": "B7E6CD08-EC7E-42C1-B2C2-CA5E154545A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1y:*:*:*:*:*:*:*",
"matchCriteriaId": "DE62DC68-E882-49E7-AAD2-2F73637FFB4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.1y1:*:*:*:*:*:*:*",
"matchCriteriaId": "57CD29C9-C629-48B0-ABDD-CEC3DEB6FB11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D197445E-EC12-429C-BDD4-F63FA5C1B3E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "BD27DF50-9E81-4EC5-BA73-513F1DFB972C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "51EA3EAA-A379-467E-AF9A-FCFBACAE49C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "4FC63AAF-758F-4A70-9738-96E75A0A1DDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E67BE408-8DCF-491F-9EA9-E368565C1B49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "D9CFE98A-FBA5-4837-BBD9-3C875ECEBF1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "36A5F20F-3F38-4FB9-B49D-28569EB1A763",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.5a:*:*:*:*:*:*:*",
"matchCriteriaId": "4D2264D7-5E89-4F50-B948-FAB41D07C8BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.5b:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB8368D-B9F9-4679-8154-1174E140CA17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.5e:*:*:*:*:*:*:*",
"matchCriteriaId": "78EEDF40-2CDA-4147-A9F2-A5F4B8FF35EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.5f:*:*:*:*:*:*:*",
"matchCriteriaId": "40CEA4FC-B946-4D54-A45B-686FC02D5411",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7BDBE176-04ED-48F0-BA9F-45BECFEDBE2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.9.6a:*:*:*:*:*:*:*",
"matchCriteriaId": "94E52AA0-0A77-47DF-9600-7D5B8A6D09B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42FAEC29-D754-49D6-85F1-F5DDFAF6E80F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.10.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "CCE76032-948F-444F-BA5D-72A34D1CD382",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.10.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "9A965A2A-129C-45C3-BCB1-2860F583D020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F313F2EC-F3D6-4639-934C-402DDA3DA806",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.11.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFB2CA6-8332-4E4D-BDB4-C3B770D3AD6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.11.99sw:*:*:*:*:*:*:*",
"matchCriteriaId": "6F7C157F-5569-4072-805F-7AF598F6B56F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1BF0778B-015D-481B-BAC0-40667F3453D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "1EEBC0EB-0DBB-4530-AFC4-AA0036469656",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1w:*:*:*:*:*:*:*",
"matchCriteriaId": "66D0DB87-6BB7-4FCF-BF20-6D4D48D72B79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1x:*:*:*:*:*:*:*",
"matchCriteriaId": "E0A766E7-CF3C-4529-AFA4-D780059A66BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1y:*:*:*:*:*:*:*",
"matchCriteriaId": "46B7F7EA-6512-433F-B1E4-B2F889427464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1z:*:*:*:*:*:*:*",
"matchCriteriaId": "63527910-7F55-4D40-BFE7-D497C91C334D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1z1:*:*:*:*:*:*:*",
"matchCriteriaId": "6EACA43F-64DB-496B-A6B1-DB9FAF6606EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1z2:*:*:*:*:*:*:*",
"matchCriteriaId": "7E147E53-B047-429F-9E3B-04FB5F777B85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1z4:*:*:*:*:*:*:*",
"matchCriteriaId": "9EDBECC5-25B6-461F-BE21-F4EA569DAEA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EE165207-A066-44C1-B78A-6EFD80023204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "4AF792BC-C270-4294-8E4E-71FAC3ACFCF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1098FCEA-6A9F-4634-A0EF-EC55ABCCEA3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.3a:*:*:*:*:*:*:*",
"matchCriteriaId": "53B97B06-206B-42F0-B68F-5C5136EAD2B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6281EB0F-EE0E-4B06-A7A1-29460A98A8CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "07650346-67D7-4805-BF81-BB145304CC87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.4b:*:*:*:*:*:*:*",
"matchCriteriaId": "9C6C0D21-ABD5-42F1-B04B-745CA6115D07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8577AF01-F2C7-48D3-AB0B-78BD63A60029",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.13.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "CD0D2D94-6470-4E4B-A1B1-0124F92AA793",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "31789E98-7C8D-4C5A-8A3F-FC9AFE9A248C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.14.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "7A62648B-3273-4D75-8533-A5CBE1B1BCE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.15.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A18E50D1-BAF5-4C0F-9253-774089BAA2EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.15.2a:*:*:*:*:*:*:*",
"matchCriteriaId": "8FDCA684-FF44-49EB-93B5-ED6778E437BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.15.2b:*:*:*:*:*:*:*",
"matchCriteriaId": "3E0FD5B7-69E7-43CB-A658-E05557AC2D77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.15.2c:*:*:*:*:*:*:*",
"matchCriteriaId": "3CBDBD9B-7122-413B-8671-17AEBE56C2F7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:cgr1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3469A83B-8B72-49C8-B5EF-3845F493BB76",
"versionEndExcluding": "15.9\\(3\\)m12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:cgr1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A7C73AA-7DBA-43BD-819B-1CA5228CFB0B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ir510_wpan_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC33B8FC-C936-4672-B1A1-43AB1E956FC9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ir510_wpan:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D29EAD2C-C9A3-4129-8C4F-1C0963826FA4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ic3000_industrial_compute_gateway_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81D2326E-20DA-4E8C-9ADB-C89A4F26C8E4",
"versionEndExcluding": "1.5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ic3000_industrial_compute_gateway:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B1DEE8B-C9B3-4E45-BBBD-C3DF2A61C349",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B2047E0-CD0C-4C36-B5EE-A4F5079F0A4B",
"versionEndExcluding": "15.9\\(3\\)m11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:807_industrial_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EEA0369-B5B1-41FD-98EE-F7F4EAB9863D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F15D3A25-21DE-4C82-B67B-3F210CDF84E2",
"versionEndExcluding": "15.9\\(3\\)m11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:809_industrial_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF4558F1-B87C-439F-AF8F-C19AACAB80E0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "253D4D06-FCBB-41C9-88A5-FD0E5DFC0AD8",
"versionEndExcluding": "15.9\\(3\\)m11",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:829_industrial_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "398D63B0-F15B-409B-AFBC-DE6C94FAF815",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "049DE827-5687-4618-AF59-7EB2E925CFB6",
"versionEndExcluding": "17.15.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:catalyst_9100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "749040C6-A21A-4EF3-8213-42EE01CFA303",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9105:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F3CCCFE-88CC-4F7B-8958-79CA62516EA9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9105ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C76DACE3-7D3B-4FE6-8567-0C9D43FF7A7E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9105axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F93DF4-67DB-4B30-AC22-60C67DF32DB2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9105axw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59C77B06-3C22-4092-AAAB-DB099A0B16A6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9105i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93510CF6-232E-4FBD-BF01-79070306FB97",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9105w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77BE20A3-964E-46D3-ACA2-B53A175027D9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9115:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4081C532-3B10-4FBF-BB22-5BA17BC6FCF8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9115_ap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56A3430C-9AF7-4604-AD95-FCF2989E9EB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9115ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36E2B891-4F41-4D0D-BAA2-0256C0565BDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9115axe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE4C56A6-E843-498A-A17B-D3D1B01E70E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9115axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F050F416-44C3-474C-9002-321A33F288D6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9117:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FCE2220-E2E6-4A17-9F0A-2C927FAB4AA5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9117_ap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4AE36E2-E7E9-4E49-8BFF-615DACFC65C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9117ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA8798F4-35BB-4F81-9385-B0274BFAAF15",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9117axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A699C5C-CD03-4263-952F-5074B470F20E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A47C2D6F-8F90-4D74-AFE1-EAE954021F46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9120_ap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C04889F8-3C2A-41AA-9DC9-5A4A4BBE60E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9120ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5889AFA2-752E-4EDD-A837-5C003025B25C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9120axe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46D41CFE-784B-40EE-9431-8097428E5892",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9120axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D148A27-85B6-4883-96B5-343C8D32F23B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9120axp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "735CA950-672C-4787-8910-48AD07868FDE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9124:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C11EF240-7599-4138-B7A7-17E4479F5B83",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9124ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53852300-C1D2-4F84-B8DA-4EDBCB374075",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9124axd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E987C945-4D6D-4BE5-B6F0-784B7E821D11",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9124axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B434C6D7-F583-4D2B-9275-38A5EC4ECC30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9124d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D7E3AD79-8F3B-4E8E-8226-2B5101F1A3D2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9124e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B64B8AB-DD2A-4306-8546-1D64E24868F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9124i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54712AF5-EF16-4F83-99BB-D3B8D93AF986",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1C8E35A-5A9B-4D56-A753-937D5CFB5B19",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9130_ap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "248A3FFC-C33C-4336-A37C-67B6046556E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9130ax:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CADEB5A-5147-4420-A825-BAB07BD60AA2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9130axe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4EC1F736-6240-4FA2-9FEC-D8798C9D287C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9130axi:-:*:*:*:*:*:*:*",
"matchCriteriaId": "169E5354-07EA-4639-AB4B-20D2B9DE784C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9136:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09185C81-6FDF-4E6D-B8F7-E4B5D77909F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9162:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9347227-9FA8-46B6-96EF-713543376296",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9164:-:*:*:*:*:*:*:*",
"matchCriteriaId": "96E81F0A-5B5C-4DD3-A56F-C7BF53D4B070",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9166:-:*:*:*:*:*:*:*",
"matchCriteriaId": "774AEB3E-5D6A-4E66-B0B4-C014A7C180E6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:catalyst_9166d1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5133F50-F67C-4195-B18F-887EFC88FA52",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco IOx application hosting environment of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the Cisco IOx application hosting environment to stop responding, resulting in a denial of service (DoS) condition.\r\n\r This vulnerability is due to the improper handling of HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to cause the Cisco IOx application hosting environment to stop responding. The IOx process will need to be manually restarted to recover services."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el entorno de alojamiento de aplicaciones Cisco IOx de Cisco IOS Software y Cisco IOS XE Software podr\u00eda permitir que un atacante remoto no autenticado provoque que dicho entorno deje de responder, lo que resulta en una denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se debe a la gesti\u00f3n incorrecta de las solicitudes HTTP. Un atacante podr\u00eda explotar esta vulnerabilidad enviando solicitudes HTTP manipuladas a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante deje de responder en el entorno de alojamiento de aplicaciones Cisco IOx. El proceso IOx deber\u00e1 reiniciarse manualmente para recuperar los servicios."
}
],
"id": "CVE-2025-20196",
"lastModified": "2025-07-11T14:55:33.920",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "psirt@cisco.com",
"type": "Primary"
}
]
},
"published": "2025-05-07T18:15:39.927",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-dos-95Fqnf7b"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-307"
}
],
"source": "psirt@cisco.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-02-12 04:15
Modified
2024-11-21 07:40
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system. This vulnerability is due to incomplete sanitization of parameters that are passed in for activation of an application. An attacker could exploit this vulnerability by deploying and activating an application in the Cisco IOx application hosting environment with a crafted activation payload file. A successful exploit could allow the attacker to execute arbitrary commands as root on the underlying host operating system.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ic3000_industrial_compute_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C0123C40-42E9-4DA1-A333-1249D52FE05F",
"versionEndExcluding": "1.4.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:iox:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41E74F18-C63E-4A10-99C2-51907E199BC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F708D7F-6673-489E-9B2D-796AF552D7A2",
"versionEndExcluding": "17.6.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9FC38B1-5F12-496F-8843-F119DB2D684C",
"versionEndExcluding": "17.9.2",
"versionStartIncluding": "17.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:17.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FC868609-83CD-4FBA-A842-18CD4F07D8D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:cgr1240_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F343CE69-D1C6-4CB3-97CF-AC480FA6802D",
"versionEndExcluding": "1.16.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:cgr1240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1FE609C-8021-48C8-AF15-F176D82A9B23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:cgr1000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F17050EB-5D47-4287-A2E7-518A811157A7",
"versionEndExcluding": "1.16.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:cgr1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A7C73AA-7DBA-43BD-819B-1CA5228CFB0B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ir510_wpan_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF8D8F3-C04A-4A32-B7DF-7649506B83D1",
"versionEndExcluding": "1.10.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:ir510_wpan:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D29EAD2C-C9A3-4129-8C4F-1C0963826FA4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94A8B23B-89DC-4BD2-AC3B-E73169F42F6C",
"versionEndExcluding": "15.9\\(3\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m:*:*:*:*:*:*:*",
"matchCriteriaId": "C0E5C422-7131-49C5-B05C-11CDC97373BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m1:*:*:*:*:*:*:*",
"matchCriteriaId": "313940F2-909D-4BAB-BC1C-CA9419F4E9A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m2:*:*:*:*:*:*:*",
"matchCriteriaId": "887AA4F7-7A63-4FAF-89E9-B992FF8C0F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m2a:*:*:*:*:*:*:*",
"matchCriteriaId": "F1EEADC2-0938-48F8-8ED4-7A2643B6BAE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m3:*:*:*:*:*:*:*",
"matchCriteriaId": "A79FD2A7-F49F-40CA-B721-AD222DD16CA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m4:*:*:*:*:*:*:*",
"matchCriteriaId": "CE95BEF3-E236-4B08-A3C5-210A094AB41E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m4a:*:*:*:*:*:*:*",
"matchCriteriaId": "4D097582-7C84-4899-93C4-B16692A41302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m5:*:*:*:*:*:*:*",
"matchCriteriaId": "86891B33-4B66-48C1-933B-75187404B129",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m6a:*:*:*:*:*:*:*",
"matchCriteriaId": "372E3DB5-5296-4353-9A2B-0A8040F07BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:829_industrial_integrated_services_router_firmware:15.9\\(3\\)m6b:*:*:*:*:*:*:*",
"matchCriteriaId": "20FCE500-AD08-40CE-8956-2997C9200B41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:829_industrial_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "398D63B0-F15B-409B-AFBC-DE6C94FAF815",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8FB92E03-2956-4AC1-831F-152FCBA01092",
"versionEndExcluding": "15.9\\(3\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA00C2A-CFC0-498B-8EA7-989FA2B78A2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m1:*:*:*:*:*:*:*",
"matchCriteriaId": "308D1626-255D-4266-B2E1-B6D34D7D8881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m2:*:*:*:*:*:*:*",
"matchCriteriaId": "FA3B170E-B248-4E9E-968B-A6320AAF3601",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m2a:*:*:*:*:*:*:*",
"matchCriteriaId": "E20439B8-530E-4C49-AFBE-5AFAC95BA994",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m3:*:*:*:*:*:*:*",
"matchCriteriaId": "BDA253BF-10DF-4819-A165-9E9049B14D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m4:*:*:*:*:*:*:*",
"matchCriteriaId": "4FA057DC-F9D9-4A96-9AAF-86303A4D21A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m4a:*:*:*:*:*:*:*",
"matchCriteriaId": "7DF79F40-DA37-4A36-95BD-7FDD8D41783F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m5:*:*:*:*:*:*:*",
"matchCriteriaId": "E0DB4FDC-3152-4144-A85B-920577D65BC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m6a:*:*:*:*:*:*:*",
"matchCriteriaId": "564BC14B-465D-4E3D-A37A-15ED0AE65AA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:807_industrial_integrated_services_router_firmware:15.9\\(3\\)m6b:*:*:*:*:*:*:*",
"matchCriteriaId": "5612E330-FA91-4DA5-9D74-4E262769E388",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:807_industrial_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EEA0369-B5B1-41FD-98EE-F7F4EAB9863D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF306339-36B4-4549-8C8D-C7530C575D9B",
"versionEndExcluding": "15.9\\(3\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m:*:*:*:*:*:*:*",
"matchCriteriaId": "AA50E936-DFBC-4B6A-9AE3-763CBD2EA2CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m1:*:*:*:*:*:*:*",
"matchCriteriaId": "D8088D28-AA6B-4CA8-B120-9993D0C8035F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m2:*:*:*:*:*:*:*",
"matchCriteriaId": "73D568BB-6646-4366-8D8F-87B829AC018F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m2a:*:*:*:*:*:*:*",
"matchCriteriaId": "352566DD-EF2B-49A0-9CFF-3C67152DE403",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m3:*:*:*:*:*:*:*",
"matchCriteriaId": "18E645F0-179C-43F4-9B12-2485B3C1924C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m4:*:*:*:*:*:*:*",
"matchCriteriaId": "A0C1A3AB-E91B-4A59-8E49-C7E722A97F38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m4a:*:*:*:*:*:*:*",
"matchCriteriaId": "E5D4FD9E-A505-4819-B57D-458A24C7E0AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m5:*:*:*:*:*:*:*",
"matchCriteriaId": "A299F13E-02DD-490E-96F7-02BF7B21A46D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m6a:*:*:*:*:*:*:*",
"matchCriteriaId": "ACD17542-1D24-4D1B-A123-B773BA66326E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:809_industrial_integrated_services_router_firmware:15.9\\(3\\)m6b:*:*:*:*:*:*:*",
"matchCriteriaId": "0D5F1604-4189-4585-8E94-0BD1F02A125C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:809_industrial_integrated_services_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF4558F1-B87C-439F-AF8F-C19AACAB80E0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system. This vulnerability is due to incomplete sanitization of parameters that are passed in for activation of an application. An attacker could exploit this vulnerability by deploying and activating an application in the Cisco IOx application hosting environment with a crafted activation payload file. A successful exploit could allow the attacker to execute arbitrary commands as root on the underlying host operating system."
}
],
"id": "CVE-2023-20076",
"lastModified": "2024-11-21T07:40:29.813",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-02-12T04:15:19.287",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-8whGn5dL"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-8whGn5dL"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-233"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2020-3426 (GCVE-0-2020-3426)
Vulnerability from cvelistv5
Published
2020-09-24 18:01
Modified
2024-11-13 17:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A vulnerability in the implementation of the Low Power, Wide Area (LPWA) subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data or cause a denial of service (DoS) condition. The vulnerability is due to a lack of input and validation checking mechanisms for virtual-LPWA (VLPWA) protocol modem messages. An attacker could exploit this vulnerability by supplying crafted packets to an affected device. A successful exploit could allow the attacker to gain unauthorized read access to sensitive data or cause the VLPWA interface of the affected device to shut down, resulting in DoS condition.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IOS 15.2(6)E4 |
Version: n/a |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:30:58.415Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200924 Cisco IOS Software for Cisco Industrial Routers Virtual-LPWA Unauthorized Access Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-lpwa-access-cXsD7PRA"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3426",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T17:12:43.554572Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T17:56:53.388Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS 15.2(6)E4",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-09-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the implementation of the Low Power, Wide Area (LPWA) subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data or cause a denial of service (DoS) condition. The vulnerability is due to a lack of input and validation checking mechanisms for virtual-LPWA (VLPWA) protocol modem messages. An attacker could exploit this vulnerability by supplying crafted packets to an affected device. A successful exploit could allow the attacker to gain unauthorized read access to sensitive data or cause the VLPWA interface of the affected device to shut down, resulting in DoS condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-264",
"description": "CWE-264",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-24T18:01:14",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200924 Cisco IOS Software for Cisco Industrial Routers Virtual-LPWA Unauthorized Access Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-lpwa-access-cXsD7PRA"
}
],
"source": {
"advisory": "cisco-sa-ios-lpwa-access-cXsD7PRA",
"defect": [
[
"CSCvr53526"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IOS Software for Cisco Industrial Routers Virtual-LPWA Unauthorized Access Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-09-24T16:00:00",
"ID": "CVE-2020-3426",
"STATE": "PUBLIC",
"TITLE": "Cisco IOS Software for Cisco Industrial Routers Virtual-LPWA Unauthorized Access Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS 15.2(6)E4",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the implementation of the Low Power, Wide Area (LPWA) subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data or cause a denial of service (DoS) condition. The vulnerability is due to a lack of input and validation checking mechanisms for virtual-LPWA (VLPWA) protocol modem messages. An attacker could exploit this vulnerability by supplying crafted packets to an affected device. A successful exploit could allow the attacker to gain unauthorized read access to sensitive data or cause the VLPWA interface of the affected device to shut down, resulting in DoS condition."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.5",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-264"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200924 Cisco IOS Software for Cisco Industrial Routers Virtual-LPWA Unauthorized Access Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-lpwa-access-cXsD7PRA"
}
]
},
"source": {
"advisory": "cisco-sa-ios-lpwa-access-cXsD7PRA",
"defect": [
[
"CSCvr53526"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3426",
"datePublished": "2020-09-24T18:01:14.219272Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-13T17:56:53.388Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20076 (GCVE-0-2023-20076)
Vulnerability from cvelistv5
Published
2023-02-12 00:00
Modified
2024-10-28 16:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system. This vulnerability is due to incomplete sanitization of parameters that are passed in for activation of an application. An attacker could exploit this vulnerability by deploying and activating an application in the Cisco IOx application hosting environment with a crafted activation payload file. A successful exploit could allow the attacker to execute arbitrary commands as root on the underlying host operating system.
References
| ► | URL | Tags |
|---|---|---|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:57:35.567Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20230201 Cisco IOx Application Hosting Environment Command Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-8whGn5dL"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20076",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-28T16:19:27.545112Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-28T16:34:17.566Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS ",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2023-02-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system. This vulnerability is due to incomplete sanitization of parameters that are passed in for activation of an application. An attacker could exploit this vulnerability by deploying and activating an application in the Cisco IOx application hosting environment with a crafted activation payload file. A successful exploit could allow the attacker to execute arbitrary commands as root on the underlying host operating system."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that is described in this advisory. "
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-233",
"description": "CWE-233",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-05T00:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20230201 Cisco IOx Application Hosting Environment Command Injection Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-8whGn5dL"
}
],
"source": {
"advisory": "cisco-sa-iox-8whGn5dL",
"defect": [
[
"CSCwc66882"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IOx Application Hosting Environment Command Injection Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20076",
"datePublished": "2023-02-12T00:00:00",
"dateReserved": "2022-10-27T00:00:00",
"dateUpdated": "2024-10-28T16:34:17.566Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-20725 (GCVE-0-2022-20725)
Vulnerability from cvelistv5
Published
2022-04-15 14:21
Modified
2024-11-06 16:23
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:24:49.219Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20220413 Cisco IOx Application Hosting Environment Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-q2v9-qpmg-4qc4"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-20725",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T15:58:50.327949Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T16:23:50.620Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2022-04-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-20T19:19:20",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20220413 Cisco IOx Application Hosting Environment Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-q2v9-qpmg-4qc4"
}
],
"source": {
"advisory": "cisco-sa-iox-yuXQ6hFj",
"defect": [
[
"CSCvx27640",
"CSCvy16608",
"CSCvy30903",
"CSCvy30957",
"CSCvy35913",
"CSCvy35914",
"CSCvy86583",
"CSCvy86598",
"CSCvy86602",
"CSCvy86603",
"CSCvy86604",
"CSCvy86608"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IOx Application Hosting Environment Vulnerabilities",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2022-04-13T16:00:00",
"ID": "CVE-2022-20725",
"STATE": "PUBLIC",
"TITLE": "Cisco IOx Application Hosting Environment Vulnerabilities"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "5.5",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20220413 Cisco IOx Application Hosting Environment Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-yuXQ6hFj"
},
{
"name": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-q2v9-qpmg-4qc4",
"refsource": "MISC",
"url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-q2v9-qpmg-4qc4"
}
]
},
"source": {
"advisory": "cisco-sa-iox-yuXQ6hFj",
"defect": [
[
"CSCvx27640",
"CSCvy16608",
"CSCvy30903",
"CSCvy30957",
"CSCvy35913",
"CSCvy35914",
"CSCvy86583",
"CSCvy86598",
"CSCvy86602",
"CSCvy86603",
"CSCvy86604",
"CSCvy86608"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2022-20725",
"datePublished": "2022-04-15T14:21:02.732370Z",
"dateReserved": "2021-11-02T00:00:00",
"dateUpdated": "2024-11-06T16:23:50.620Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20196 (GCVE-0-2025-20196)
Vulnerability from cvelistv5
Published
2025-05-07 17:38
Modified
2025-05-07 19:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-307 - Improper Restriction of Excessive Authentication Attempts
Summary
A vulnerability in the Cisco IOx application hosting environment of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the Cisco IOx application hosting environment to stop responding, resulting in a denial of service (DoS) condition.
This vulnerability is due to the improper handling of HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to cause the Cisco IOx application hosting environment to stop responding. The IOx process will need to be manually restarted to recover services.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Cisco | IOS |
Version: N/A |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20196",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-07T18:56:57.040572Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-07T19:42:21.616Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "IOS",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"product": "Cisco IOS XE Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "16.1.1"
},
{
"status": "affected",
"version": "16.1.2"
},
{
"status": "affected",
"version": "16.1.3"
},
{
"status": "affected",
"version": "16.2.1"
},
{
"status": "affected",
"version": "16.2.2"
},
{
"status": "affected",
"version": "16.3.1"
},
{
"status": "affected",
"version": "16.3.2"
},
{
"status": "affected",
"version": "16.3.3"
},
{
"status": "affected",
"version": "16.3.1a"
},
{
"status": "affected",
"version": "16.3.4"
},
{
"status": "affected",
"version": "16.3.5"
},
{
"status": "affected",
"version": "16.3.5b"
},
{
"status": "affected",
"version": "16.3.6"
},
{
"status": "affected",
"version": "16.3.7"
},
{
"status": "affected",
"version": "16.3.8"
},
{
"status": "affected",
"version": "16.3.9"
},
{
"status": "affected",
"version": "16.3.10"
},
{
"status": "affected",
"version": "16.3.11"
},
{
"status": "affected",
"version": "16.4.1"
},
{
"status": "affected",
"version": "16.4.2"
},
{
"status": "affected",
"version": "16.4.3"
},
{
"status": "affected",
"version": "16.5.1"
},
{
"status": "affected",
"version": "16.5.1a"
},
{
"status": "affected",
"version": "16.5.1b"
},
{
"status": "affected",
"version": "16.5.2"
},
{
"status": "affected",
"version": "16.5.3"
},
{
"status": "affected",
"version": "17.1.1"
},
{
"status": "affected",
"version": "17.1.1a"
},
{
"status": "affected",
"version": "17.1.1s"
},
{
"status": "affected",
"version": "17.1.1t"
},
{
"status": "affected",
"version": "17.1.3"
},
{
"status": "affected",
"version": "17.2.1"
},
{
"status": "affected",
"version": "17.2.1r"
},
{
"status": "affected",
"version": "17.2.1a"
},
{
"status": "affected",
"version": "17.2.1v"
},
{
"status": "affected",
"version": "17.2.2"
},
{
"status": "affected",
"version": "17.2.3"
},
{
"status": "affected",
"version": "17.3.1"
},
{
"status": "affected",
"version": "17.3.2"
},
{
"status": "affected",
"version": "17.3.3"
},
{
"status": "affected",
"version": "17.3.1a"
},
{
"status": "affected",
"version": "17.3.1w"
},
{
"status": "affected",
"version": "17.3.2a"
},
{
"status": "affected",
"version": "17.3.1x"
},
{
"status": "affected",
"version": "17.3.1z"
},
{
"status": "affected",
"version": "17.3.4"
},
{
"status": "affected",
"version": "17.3.5"
},
{
"status": "affected",
"version": "17.3.4a"
},
{
"status": "affected",
"version": "17.3.6"
},
{
"status": "affected",
"version": "17.3.4b"
},
{
"status": "affected",
"version": "17.3.4c"
},
{
"status": "affected",
"version": "17.3.5a"
},
{
"status": "affected",
"version": "17.3.5b"
},
{
"status": "affected",
"version": "17.3.7"
},
{
"status": "affected",
"version": "17.3.8"
},
{
"status": "affected",
"version": "17.3.8a"
},
{
"status": "affected",
"version": "17.4.1"
},
{
"status": "affected",
"version": "17.4.2"
},
{
"status": "affected",
"version": "17.4.1a"
},
{
"status": "affected",
"version": "17.4.1b"
},
{
"status": "affected",
"version": "17.4.2a"
},
{
"status": "affected",
"version": "17.5.1"
},
{
"status": "affected",
"version": "17.5.1a"
},
{
"status": "affected",
"version": "17.6.1"
},
{
"status": "affected",
"version": "17.6.2"
},
{
"status": "affected",
"version": "17.6.1w"
},
{
"status": "affected",
"version": "17.6.1a"
},
{
"status": "affected",
"version": "17.6.1x"
},
{
"status": "affected",
"version": "17.6.3"
},
{
"status": "affected",
"version": "17.6.1y"
},
{
"status": "affected",
"version": "17.6.1z"
},
{
"status": "affected",
"version": "17.6.3a"
},
{
"status": "affected",
"version": "17.6.4"
},
{
"status": "affected",
"version": "17.6.1z1"
},
{
"status": "affected",
"version": "17.6.5"
},
{
"status": "affected",
"version": "17.6.6"
},
{
"status": "affected",
"version": "17.6.6a"
},
{
"status": "affected",
"version": "17.6.5a"
},
{
"status": "affected",
"version": "17.6.7"
},
{
"status": "affected",
"version": "17.6.8"
},
{
"status": "affected",
"version": "17.6.8a"
},
{
"status": "affected",
"version": "17.7.1"
},
{
"status": "affected",
"version": "17.7.1a"
},
{
"status": "affected",
"version": "17.7.1b"
},
{
"status": "affected",
"version": "17.7.2"
},
{
"status": "affected",
"version": "17.10.1"
},
{
"status": "affected",
"version": "17.10.1a"
},
{
"status": "affected",
"version": "17.10.1b"
},
{
"status": "affected",
"version": "17.8.1"
},
{
"status": "affected",
"version": "17.8.1a"
},
{
"status": "affected",
"version": "17.9.1"
},
{
"status": "affected",
"version": "17.9.1w"
},
{
"status": "affected",
"version": "17.9.2"
},
{
"status": "affected",
"version": "17.9.1a"
},
{
"status": "affected",
"version": "17.9.1x"
},
{
"status": "affected",
"version": "17.9.1y"
},
{
"status": "affected",
"version": "17.9.3"
},
{
"status": "affected",
"version": "17.9.2a"
},
{
"status": "affected",
"version": "17.9.1x1"
},
{
"status": "affected",
"version": "17.9.3a"
},
{
"status": "affected",
"version": "17.9.4"
},
{
"status": "affected",
"version": "17.9.1y1"
},
{
"status": "affected",
"version": "17.9.5"
},
{
"status": "affected",
"version": "17.9.4a"
},
{
"status": "affected",
"version": "17.9.5a"
},
{
"status": "affected",
"version": "17.9.5b"
},
{
"status": "affected",
"version": "17.9.6"
},
{
"status": "affected",
"version": "17.9.6a"
},
{
"status": "affected",
"version": "17.9.5e"
},
{
"status": "affected",
"version": "17.9.5f"
},
{
"status": "affected",
"version": "17.11.1"
},
{
"status": "affected",
"version": "17.11.1a"
},
{
"status": "affected",
"version": "17.12.1"
},
{
"status": "affected",
"version": "17.12.1w"
},
{
"status": "affected",
"version": "17.12.1a"
},
{
"status": "affected",
"version": "17.12.1x"
},
{
"status": "affected",
"version": "17.12.2"
},
{
"status": "affected",
"version": "17.12.3"
},
{
"status": "affected",
"version": "17.12.2a"
},
{
"status": "affected",
"version": "17.12.1y"
},
{
"status": "affected",
"version": "17.12.1z"
},
{
"status": "affected",
"version": "17.12.4"
},
{
"status": "affected",
"version": "17.12.3a"
},
{
"status": "affected",
"version": "17.12.1z1"
},
{
"status": "affected",
"version": "17.12.1z2"
},
{
"status": "affected",
"version": "17.12.4a"
},
{
"status": "affected",
"version": "17.12.4b"
},
{
"status": "affected",
"version": "17.12.1z4"
},
{
"status": "affected",
"version": "17.13.1"
},
{
"status": "affected",
"version": "17.13.1a"
},
{
"status": "affected",
"version": "17.14.1"
},
{
"status": "affected",
"version": "17.14.1a"
},
{
"status": "affected",
"version": "17.11.99SW"
},
{
"status": "affected",
"version": "17.15.2"
},
{
"status": "affected",
"version": "17.15.2c"
},
{
"status": "affected",
"version": "17.15.2a"
},
{
"status": "affected",
"version": "17.15.2b"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco IOx application hosting environment of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the Cisco IOx application hosting environment to stop responding, resulting in a denial of service (DoS) condition.\r\n\r This vulnerability is due to the improper handling of HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to cause the Cisco IOx application hosting environment to stop responding. The IOx process will need to be manually restarted to recover services."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-307",
"description": "Improper Restriction of Excessive Authentication Attempts",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-07T17:38:10.585Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-iox-dos-95Fqnf7b",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-dos-95Fqnf7b"
}
],
"source": {
"advisory": "cisco-sa-iox-dos-95Fqnf7b",
"defects": [
"CSCwj81278"
],
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20196",
"datePublished": "2025-05-07T17:38:10.585Z",
"dateReserved": "2024-10-10T19:15:13.227Z",
"dateUpdated": "2025-05-07T19:42:21.616Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}