CVE-2025-20151

CWE-16 CWE-12844 documents 4 sources
Severity
4.3 MEDIUM
EPSS
0.2%
top 56.32%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published May 7

Description

A vulnerability in the implementation of the Simple Network Management Protocol Version 3 (SNMPv3) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to poll an affected device using SNMP, even if the device is configured to deny SNMP traffic from an unauthorized source or the SNMPv3 username is removed from the configuration. This vulnerability exists because of the way that the SNMPv3 configuration is stored in the Cisco IOS Software and Cisc

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Exploitability: 2.8 | Impact: 1.4

Affected Packages (2 packages)

NVD: cisco/ios_xe_sd-wan, 30 versions (+29)
CVEListV5: cisco/cisco_ios_xe_catalyst_sd-wan, 30 versions (+29)

🔴 Vulnerability Details

2
GHSA
GHSA-v3x4-26xj-qrvg: A vulnerability in the implementation of the Simple Network Management Protocol Version 3 (SNMPv3) feature of Cisco IOS Software and Cisco IOS XE Soft (2025-05-07)
CVEList
Cisco IOS and IOS XE Software SNMPv3 Configuration Restriction Vulnerability (2025-05-07)

📋 Vendor Advisories

1
Cisco
Cisco IOS and IOS XE Software SNMPv3 Configuration Restriction Vulnerability (2025-05-07)
CVE-2025-20151 (MEDIUM CVSS 4.3) | A vulnerability in the implementati | cvebase.io