VDB
GCVE-VVD-NCSC-2025-146
GCVE-VVD-NCSC-2025-146
Advisory PublishedCVSS 4.7/10
Cisco heeft kwetsbaarheden verholpen in Cisco IOS XE Software.
Weaknesses (CWE)
CWE-284Improper Access ControlCWE-789Memory Allocation with Excessive Size ValueCWE-20Improper Input ValidationCWE-400Uncontrolled Resource ConsumptionCWE-347Improper Verification of Cryptographic SignatureCWE-787Out-of-bounds WriteCWE-78Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')CWE-798Use of Hard-coded CredentialsCWE-762Mismatched Memory Management RoutinesCWE-232Improper Handling of Undefined ValuesCWE-805Buffer Access with Incorrect Length Value
Risk Scores
CVSS 3.1
4.7/10
Medium · CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Cisco | vers:cisco/3.16.5bs | — | — |
| Cisco | vers:cisco/3.16.2bs | — | — |
| Cisco | vers:cisco/3.16.4cs | — | — |
| Cisco | vers:cisco/3.13.9s | — | — |
| Cisco | vers:cisco/16.6.10 | — | — |
| Cisco | vers:cisco/3.16.1as | — | — |
| Cisco | vers:cisco/16.12.9 | — | — |
| Cisco | vers:cisco/3.16.8s | — | — |
| Cisco | vers:cisco/3.16.3s | — | — |
| Cisco | vers:cisco/16.8.3 | — | — |
| Cisco | vers:cisco/3.11.9e | — | — |
| Cisco | vers:cisco/16.4.3 | — | — |
| Cisco | vers:cisco/3.16.1s | — | — |
| Cisco | vers:cisco/3.16.6s | — | — |
| Cisco | vers:cisco/16.5.3 | — | — |
| Cisco | vers:cisco/3.12.4s | — | — |
| Cisco | vers:cisco/3.16.4s | — | — |
| Cisco | vers:cisco/3.16.5as | — | — |
| Cisco | vers:cisco/3.14.4s | — | — |
| Cisco | vers:cisco/16.11.2 | — | — |
| Cisco | vers:cisco/3.16.5s | — | — |
| Cisco | vers:cisco/3.16.10s | — | — |
| Cisco | vers:cisco/3.16.2as | — | — |
| Cisco | vers:cisco/16.2.2 | — | — |
| Cisco | vers:cisco/3.16.7as | — | — |
| Cisco | vers:cisco/3.16.4gs | — | — |
| Cisco | vers:cisco/3.16.4as | — | — |
| Cisco | vers:cisco/3.15.4s | — | — |
| Cisco | vers:cisco/3.16.2s | — | — |
| Cisco | vers:cisco/3.16.10bs | — | — |
| Cisco | vers:cisco/3.16.9s | — | — |
| Cisco | vers:cisco/16.1.3 | — | — |
| Cisco | vers:cisco/3.16.7s | — | — |
| Cisco | vers:cisco/3.16.3as | — | — |
| Cisco | vers:cisco/3.16.4es | — | — |
| Cisco | vers:cisco/3.16.4ds | — | — |
| Cisco | vers:cisco/3.16.6bs | — | — |
| Cisco | vers:cisco/16.10.3 | — | — |
| Cisco | vers:cisco/3.16.7bs | — | — |
| Cisco | vers:cisco/3.16.4bs | — | — |
| Cisco | vers:cisco/3.10.9s | — | — |
| Cisco | vers:cisco/16.3.11 | — | — |
Aliases
CVE-2025-20137CVE-2025-20182CVE-2025-20162CVE-2025-20188CVE-2025-20186CVE-2025-20189CVE-2025-20140CVE-2025-20202CVE-2025-20192CVE-2025-20154CVE-2025-20194CVE-2025-20181CVE-2025-20190
Transitive aliases
NCSC-2025-0146BDU:2025-10331WID-SEC-W-2025-0977GHSA-rwj7-gqqr-3hm7cisco-sa-iosxe-privesc-su7scvdpcisco-sa-sisf-dos-ZGwt4DdYcisco-sa-dnac-api-nBPZcJCMCVE-2025-20193GHSA-x37r-wqwh-97qmBDU:2025-10325CISCO-SA-WEBUI-MULTI-ARNHM4V6GHSA-fwqm-27rg-83qhGHSA-p3qm-wvjx-4jgfGHSA-cxrm-7jrj-hp84GHSA-4c6g-3rgr-jvfhCISCO-SA-IOS-HTTP-PRIVESC-WCRD5E3GHSA-95h6-vgwg-qcqcBDU:2025-10336CNVD-2025-11550BDU:2025-10324CISCO-SA-IOX-DOS-95FQNF7BGHSA-3grg-fvvv-2qrmCISCO-SA-IPSGACL-PG6QFZKCISCO-SA-WLC-WNCD-P6GVT6HLWID-SEC-W-2025-0979CISCO-SA-ASR903-RSP3-ARP-DOS-WMFZDVJZCISCO-SA-DNAC-API-NBPZCJCMCVE-2025-20195CVE-2025-20216CNVD-2025-15478WID-SEC-W-2025-0970CVE-2025-20214BDU:2025-10335CISCO-SA-VMANAGE-XSS-XHN8M5JTcisco-sa-catalyst-tls-PqnD5KEJCISCO-SA-SDWANARBFILE-2ZKHKZWJCISCO-SA-VMANAGE-HTML-INJ-GXVTK6ZJcisco-sa-catc-insec-acc-mtt8EhEbGHSA-mqph-g74f-5j5fcisco-sa-iox-dos-95Fqnf7bWID-SEC-W-2025-0972cisco-sa-twamp-kV4FHugnWID-SEC-W-2025-0968GHSA-489q-h7v6-2626cisco-sa-netconf-nacm-bypass-TGZV9pmQBDU:2025-10319CVE-2025-20122BDU:2025-05297GHSA-q4xx-mxw3-33fmGHSA-4f7p-398v-2rw7CISCO-SA-CATALYST-TLS-PQND5KEJWID-SEC-W-2025-0971CISCO-SA-EWLC-USER-DEL-HQXMPUDJcisco-sa-ewlc-cdp-dos-fpeks9KBDU:2025-10323GHSA-rxxw-x8j3-4f4fCVE-2025-20223CVE-2025-20197cisco-sa-webui-cmdinj-gVn3OKNCcisco-sa-iosxe-ikev1-dos-XHk3HzFCCISCO-SA-SDWAN-PRIVIESC-WCK7BMMTGHSA-cp9m-fgrv-j66xcisco-sa-bootstrap-KfgxYgdhGHSA-v76p-4wxx-wrpqCISCO-SA-NETCONF-NACM-BYPASS-TGZV9PMQGHSA-349j-r63j-r5g7GHSA-vq58-8wp2-wc83cisco-sa-sdwanarbfile-2zKhKZwJGHSA-7fcv-r33w-mf96CVE-2025-20191CISCO-SA-IOSXE-PRIVESC-SU7SCVDPCVE-2025-20155CISCO-SA-IOSXE-DHCPSN-DOS-XBN8MTKScisco-sa-multiprod-ikev2-dos-gPctUqv2GHSA-gjc9-7q7f-25qwWID-SEC-W-2025-0965CVE-2025-20201CISCO-SA-SISF-DOS-ZGWT4DDYCVE-2025-20213CVE-2025-20198cisco-sa-iosxe-dhcpsn-dos-xBn8MtksWID-SEC-W-2025-0973GHSA-5jcx-7jcf-9fw2BDU:2025-10327GHSA-pxp6-97q7-w6wmCISCO-SA-TWAMP-KV4FHUGNWID-SEC-W-2025-0980cisco-sa-asr903-rsp3-arp-dos-WmfzdvJZBDU:2025-10329cisco-sa-ipsgacl-pg6qfZkBDU:2025-10328BDU:2025-10332GHSA-gv7m-f47c-w86qBDU:2025-10334BDU:2025-10330CVE-2025-20147CVE-2025-20157cisco-sa-c2960-3560-sboot-ZtqADrHqCISCO-SA-MULTIPROD-IKEV2-DOS-GPCTUQV2CISCO-SA-BOOTSTRAP-KFGXYGDHcisco-sa-vmanage-xss-xhN8M5jtCVE-2025-20164cisco-sa-wlc-file-uplpd-rHZG9UfCGHSA-vx24-6mq3-c5cqcisco-sa-wlc-wncd-p6Gvt6HLCISCO-SA-C2960-3560-SBOOT-ZTQADRHQCISCO-SA-IOSXE-IKEV1-DOS-XHK3HZFCcisco-sa-webui-multi-ARNHM4v6cisco-sa-ios-http-privesc-wCRd5e3CVE-2025-20187CVE-2025-20210WID-SEC-W-2025-0963GHSA-mmr9-p6pg-2mp3cisco-sa-sdwan-fileoverwrite-Uc9tXWHGHSA-8w25-4r69-mq7pGHSA-fv9x-wjcx-9cgmBDU:2025-05710BDU:2025-10321CVE-2025-20200CISCO-SA-WEBUI-CMDINJ-GVN3OKNCGHSA-qxqg-ggrj-3mjfWID-SEC-W-2025-0974cisco-sa-vmanage-html-inj-GxVtK6zjBDU:2025-10322BDU:2025-10333GHSA-cxc6-3424-fr63CISCO-SA-CATC-INSEC-ACC-MTT8EHEBGHSA-hvxf-w5xq-9cvgWID-SEC-W-2025-0969BDU:2025-10320BDU:2025-08246cisco-sa-sdwan-priviesc-WCk7bmmtCISCO-SA-SDWAN-FILEOVERWRITE-UC9TXWHGHSA-2h9x-xhwj-wr94CISCO-SA-WLC-FILE-UPLPD-RHZG9UFCCVE-2025-20196CVE-2025-20199GHSA-p84x-683q-c49jGHSA-ffcc-cqg6-6f7vBDU:2025-10326GHSA-f6m6-q8c2-48mmcisco-sa-ewlc-user-del-hQxMpUDjCISCO-SA-EWLC-CDP-DOS-FPEKS9K
Browse GCVE Records
100 records in the GCVE database · Updated April 16, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.