CVE-2025-20191 (GCVE-0-2025-20191)
Vulnerability from cvelistv5 – Published: 2025-05-07 17:18 – Updated: 2025-05-07 19:46
VLAI?
Summary
A vulnerability in the Switch Integrated Security Features (SISF) of Cisco IOS Software, Cisco IOS XE Software, Cisco NX-OS Software, and Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device.
This vulnerability is due to the incorrect handling of DHCPv6 packets. An attacker could exploit this vulnerability by sending a crafted DHCPv6 packet to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
Severity ?
7.4 (High)
CWE
- CWE-805 - Buffer Access with Incorrect Length Value
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco NX-OS Software |
Affected:
8.2(5)
Affected: 7.3(5)D1(1) Affected: 8.4(2) Affected: 8.4(3) Affected: 9.2(3) Affected: 9.2(2v) Affected: 7.3(4)D1(1) Affected: 8.2(1) Affected: 9.2(1) Affected: 9.2(2t) Affected: 9.2(3y) Affected: 7.0(3)I7(6z) Affected: 9.3(2) Affected: 7.0(3)I7(3z) Affected: 7.0(3)IM7(2) Affected: 7.0(3)I7(5a) Affected: 8.1(1) Affected: 8.2(2) Affected: 8.3(2) Affected: 7.3(2)D1(3a) Affected: 9.2(4) Affected: 8.1(2) Affected: 7.3(3)D1(1) Affected: 8.2(3) Affected: 7.0(3)I7(2) Affected: 7.0(3)I7(3) Affected: 8.4(1) Affected: 7.3(0)DX(1) Affected: 7.3(2)D1(1) Affected: 9.3(1) Affected: 7.0(3)I7(6) Affected: 7.3(2)D1(2) Affected: 8.2(4) Affected: 7.0(3)I7(4) Affected: 7.0(3)I7(7) Affected: 9.3(1z) Affected: 9.2(2) Affected: 8.1(2a) Affected: 7.3(2)D1(3) Affected: 7.0(3)I7(5) Affected: 7.0(3)I7(1) Affected: 7.0(3)IA7(2) Affected: 7.0(3)IA7(1) Affected: 8.3(1) Affected: 7.3(1)D1(1) Affected: 7.3(0)D1(1) Affected: 9.3(3) Affected: 7.3(2)D1(1d) Affected: 7.0(3)I7(8) Affected: 9.3(4) Affected: 7.3(6)D1(1) Affected: 8.2(6) Affected: 9.3(5) Affected: 7.0(3)I7(9) Affected: 9.3(6) Affected: 10.1(2) Affected: 10.1(1) Affected: 8.4(4) Affected: 7.3(7)D1(1) Affected: 9.3(5w) Affected: 8.2(7) Affected: 9.3(7) Affected: 9.3(7k) Affected: 7.0(3)I7(9w) Affected: 10.2(1) Affected: 7.3(8)D1(1) Affected: 9.3(7a) Affected: 8.2(7a) Affected: 9.3(8) Affected: 8.4(4a) Affected: 8.4(5) Affected: 7.0(3)I7(10) Affected: 8.2(8) Affected: 10.2(1q) Affected: 10.2(2) Affected: 9.3(9) Affected: 10.1(2t) Affected: 7.3(9)D1(1) Affected: 10.2(3) Affected: 8.4(6) Affected: 10.2(3t) Affected: 9.3(10) Affected: 10.2(2a) Affected: 8.2(9) Affected: 10.3(1) Affected: 10.2(4) Affected: 8.4(7) Affected: 10.3(2) Affected: 8.4(6a) Affected: 9.3(11) Affected: 10.3(3) Affected: 10.2(5) Affected: 8.2(10) Affected: 9.3(12) Affected: 10.2(3v) Affected: 10.4(1) Affected: 8.4(8) Affected: 10.3(99w) Affected: 10.2(6) Affected: 10.3(3w) Affected: 10.3(99x) Affected: 10.3(3o) Affected: 8.4(9) Affected: 10.3(4) Affected: 10.3(3p) Affected: 10.3(4a) Affected: 10.4(2) Affected: 10.3(3q) Affected: 9.3(13) Affected: 8.2(11) Affected: 10.3(5) Affected: 10.2(7) Affected: 10.4(3) Affected: 10.3(3x) Affected: 10.3(4g) Affected: 10.2(8) Affected: 10.3(3r) Affected: 9.3(14) Affected: 10.3(4h) |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20191",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-07T18:56:29.479638Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-07T19:46:53.825Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco NX-OS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "8.2(5)"
},
{
"status": "affected",
"version": "7.3(5)D1(1)"
},
{
"status": "affected",
"version": "8.4(2)"
},
{
"status": "affected",
"version": "8.4(3)"
},
{
"status": "affected",
"version": "9.2(3)"
},
{
"status": "affected",
"version": "9.2(2v)"
},
{
"status": "affected",
"version": "7.3(4)D1(1)"
},
{
"status": "affected",
"version": "8.2(1)"
},
{
"status": "affected",
"version": "9.2(1)"
},
{
"status": "affected",
"version": "9.2(2t)"
},
{
"status": "affected",
"version": "9.2(3y)"
},
{
"status": "affected",
"version": "7.0(3)I7(6z)"
},
{
"status": "affected",
"version": "9.3(2)"
},
{
"status": "affected",
"version": "7.0(3)I7(3z)"
},
{
"status": "affected",
"version": "7.0(3)IM7(2)"
},
{
"status": "affected",
"version": "7.0(3)I7(5a)"
},
{
"status": "affected",
"version": "8.1(1)"
},
{
"status": "affected",
"version": "8.2(2)"
},
{
"status": "affected",
"version": "8.3(2)"
},
{
"status": "affected",
"version": "7.3(2)D1(3a)"
},
{
"status": "affected",
"version": "9.2(4)"
},
{
"status": "affected",
"version": "8.1(2)"
},
{
"status": "affected",
"version": "7.3(3)D1(1)"
},
{
"status": "affected",
"version": "8.2(3)"
},
{
"status": "affected",
"version": "7.0(3)I7(2)"
},
{
"status": "affected",
"version": "7.0(3)I7(3)"
},
{
"status": "affected",
"version": "8.4(1)"
},
{
"status": "affected",
"version": "7.3(0)DX(1)"
},
{
"status": "affected",
"version": "7.3(2)D1(1)"
},
{
"status": "affected",
"version": "9.3(1)"
},
{
"status": "affected",
"version": "7.0(3)I7(6)"
},
{
"status": "affected",
"version": "7.3(2)D1(2)"
},
{
"status": "affected",
"version": "8.2(4)"
},
{
"status": "affected",
"version": "7.0(3)I7(4)"
},
{
"status": "affected",
"version": "7.0(3)I7(7)"
},
{
"status": "affected",
"version": "9.3(1z)"
},
{
"status": "affected",
"version": "9.2(2)"
},
{
"status": "affected",
"version": "8.1(2a)"
},
{
"status": "affected",
"version": "7.3(2)D1(3)"
},
{
"status": "affected",
"version": "7.0(3)I7(5)"
},
{
"status": "affected",
"version": "7.0(3)I7(1)"
},
{
"status": "affected",
"version": "7.0(3)IA7(2)"
},
{
"status": "affected",
"version": "7.0(3)IA7(1)"
},
{
"status": "affected",
"version": "8.3(1)"
},
{
"status": "affected",
"version": "7.3(1)D1(1)"
},
{
"status": "affected",
"version": "7.3(0)D1(1)"
},
{
"status": "affected",
"version": "9.3(3)"
},
{
"status": "affected",
"version": "7.3(2)D1(1d)"
},
{
"status": "affected",
"version": "7.0(3)I7(8)"
},
{
"status": "affected",
"version": "9.3(4)"
},
{
"status": "affected",
"version": "7.3(6)D1(1)"
},
{
"status": "affected",
"version": "8.2(6)"
},
{
"status": "affected",
"version": "9.3(5)"
},
{
"status": "affected",
"version": "7.0(3)I7(9)"
},
{
"status": "affected",
"version": "9.3(6)"
},
{
"status": "affected",
"version": "10.1(2)"
},
{
"status": "affected",
"version": "10.1(1)"
},
{
"status": "affected",
"version": "8.4(4)"
},
{
"status": "affected",
"version": "7.3(7)D1(1)"
},
{
"status": "affected",
"version": "9.3(5w)"
},
{
"status": "affected",
"version": "8.2(7)"
},
{
"status": "affected",
"version": "9.3(7)"
},
{
"status": "affected",
"version": "9.3(7k)"
},
{
"status": "affected",
"version": "7.0(3)I7(9w)"
},
{
"status": "affected",
"version": "10.2(1)"
},
{
"status": "affected",
"version": "7.3(8)D1(1)"
},
{
"status": "affected",
"version": "9.3(7a)"
},
{
"status": "affected",
"version": "8.2(7a)"
},
{
"status": "affected",
"version": "9.3(8)"
},
{
"status": "affected",
"version": "8.4(4a)"
},
{
"status": "affected",
"version": "8.4(5)"
},
{
"status": "affected",
"version": "7.0(3)I7(10)"
},
{
"status": "affected",
"version": "8.2(8)"
},
{
"status": "affected",
"version": "10.2(1q)"
},
{
"status": "affected",
"version": "10.2(2)"
},
{
"status": "affected",
"version": "9.3(9)"
},
{
"status": "affected",
"version": "10.1(2t)"
},
{
"status": "affected",
"version": "7.3(9)D1(1)"
},
{
"status": "affected",
"version": "10.2(3)"
},
{
"status": "affected",
"version": "8.4(6)"
},
{
"status": "affected",
"version": "10.2(3t)"
},
{
"status": "affected",
"version": "9.3(10)"
},
{
"status": "affected",
"version": "10.2(2a)"
},
{
"status": "affected",
"version": "8.2(9)"
},
{
"status": "affected",
"version": "10.3(1)"
},
{
"status": "affected",
"version": "10.2(4)"
},
{
"status": "affected",
"version": "8.4(7)"
},
{
"status": "affected",
"version": "10.3(2)"
},
{
"status": "affected",
"version": "8.4(6a)"
},
{
"status": "affected",
"version": "9.3(11)"
},
{
"status": "affected",
"version": "10.3(3)"
},
{
"status": "affected",
"version": "10.2(5)"
},
{
"status": "affected",
"version": "8.2(10)"
},
{
"status": "affected",
"version": "9.3(12)"
},
{
"status": "affected",
"version": "10.2(3v)"
},
{
"status": "affected",
"version": "10.4(1)"
},
{
"status": "affected",
"version": "8.4(8)"
},
{
"status": "affected",
"version": "10.3(99w)"
},
{
"status": "affected",
"version": "10.2(6)"
},
{
"status": "affected",
"version": "10.3(3w)"
},
{
"status": "affected",
"version": "10.3(99x)"
},
{
"status": "affected",
"version": "10.3(3o)"
},
{
"status": "affected",
"version": "8.4(9)"
},
{
"status": "affected",
"version": "10.3(4)"
},
{
"status": "affected",
"version": "10.3(3p)"
},
{
"status": "affected",
"version": "10.3(4a)"
},
{
"status": "affected",
"version": "10.4(2)"
},
{
"status": "affected",
"version": "10.3(3q)"
},
{
"status": "affected",
"version": "9.3(13)"
},
{
"status": "affected",
"version": "8.2(11)"
},
{
"status": "affected",
"version": "10.3(5)"
},
{
"status": "affected",
"version": "10.2(7)"
},
{
"status": "affected",
"version": "10.4(3)"
},
{
"status": "affected",
"version": "10.3(3x)"
},
{
"status": "affected",
"version": "10.3(4g)"
},
{
"status": "affected",
"version": "10.2(8)"
},
{
"status": "affected",
"version": "10.3(3r)"
},
{
"status": "affected",
"version": "9.3(14)"
},
{
"status": "affected",
"version": "10.3(4h)"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Wireless LAN Controller (WLC)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "8.10.112.0"
},
{
"status": "affected",
"version": "8.8.120.0"
},
{
"status": "affected",
"version": "8.3.143.0"
},
{
"status": "affected",
"version": "8.3.111.0"
},
{
"status": "affected",
"version": "8.2.164.0"
},
{
"status": "affected",
"version": "8.5.109.0"
},
{
"status": "affected",
"version": "8.3.132.0"
},
{
"status": "affected",
"version": "8.5.105.0"
},
{
"status": "affected",
"version": "8.2.170.0"
},
{
"status": "affected",
"version": "8.2.160.0"
},
{
"status": "affected",
"version": "8.8.100.0"
},
{
"status": "affected",
"version": "8.9.111.0"
},
{
"status": "affected",
"version": "8.7.102.0"
},
{
"status": "affected",
"version": "8.3.102.0"
},
{
"status": "affected",
"version": "8.3.133.0"
},
{
"status": "affected",
"version": "8.3.131.0"
},
{
"status": "affected",
"version": "8.5.100.0"
},
{
"status": "affected",
"version": "8.5.131.0"
},
{
"status": "affected",
"version": "8.3.122.0"
},
{
"status": "affected",
"version": "8.5.101.0"
},
{
"status": "affected",
"version": "8.3.112.0"
},
{
"status": "affected",
"version": "8.5.120.0"
},
{
"status": "affected",
"version": "8.2.141.0"
},
{
"status": "affected",
"version": "8.3.141.0"
},
{
"status": "affected",
"version": "8.3.121.0"
},
{
"status": "affected",
"version": "8.2.151.0"
},
{
"status": "affected",
"version": "8.3.130.0"
},
{
"status": "affected",
"version": "8.5.102.0"
},
{
"status": "affected",
"version": "8.2.161.0"
},
{
"status": "affected",
"version": "8.5.151.0"
},
{
"status": "affected",
"version": "8.2.100.0"
},
{
"status": "affected",
"version": "8.5.135.0"
},
{
"status": "affected",
"version": "8.3.135.0"
},
{
"status": "affected",
"version": "8.5.140.0"
},
{
"status": "affected",
"version": "8.7.106.0"
},
{
"status": "affected",
"version": "8.9.100.0"
},
{
"status": "affected",
"version": "8.8.111.0"
},
{
"status": "affected",
"version": "8.2.110.0"
},
{
"status": "affected",
"version": "8.5.110.0"
},
{
"status": "affected",
"version": "8.2.130.0"
},
{
"status": "affected",
"version": "8.5.141.105"
},
{
"status": "affected",
"version": "8.2.121.0"
},
{
"status": "affected",
"version": "8.8.125.0"
},
{
"status": "affected",
"version": "8.3.150.0"
},
{
"status": "affected",
"version": "8.2.111.0"
},
{
"status": "affected",
"version": "8.10.105.0"
},
{
"status": "affected",
"version": "8.5.108.0"
},
{
"status": "affected",
"version": "8.3.108.0"
},
{
"status": "affected",
"version": "8.2.166.0"
},
{
"status": "affected",
"version": "8.5.103.0"
},
{
"status": "affected",
"version": "8.3.140.0"
},
{
"status": "affected",
"version": "8.6.101.0"
},
{
"status": "affected",
"version": "8.4.100.0"
},
{
"status": "affected",
"version": "8.5.160.0"
},
{
"status": "affected",
"version": "8.5.161.0"
},
{
"status": "affected",
"version": "8.8.130.0"
},
{
"status": "affected",
"version": "8.10.120.0"
},
{
"status": "affected",
"version": "8.10.121.0"
},
{
"status": "affected",
"version": "8.10.113.0"
},
{
"status": "affected",
"version": "8.10.122.0"
},
{
"status": "affected",
"version": "8.10.130.0"
},
{
"status": "affected",
"version": "8.10.141.0"
},
{
"status": "affected",
"version": "8.10.142.0"
},
{
"status": "affected",
"version": "8.5.171.0"
},
{
"status": "affected",
"version": "8.10.150.0"
},
{
"status": "affected",
"version": "8.10.151.0"
},
{
"status": "affected",
"version": "8.10.162.0"
},
{
"status": "affected",
"version": "8.5.182.0"
},
{
"status": "affected",
"version": "8.10.171.0"
},
{
"status": "affected",
"version": "8.10.180.0"
},
{
"status": "affected",
"version": "8.10.181.0"
},
{
"status": "affected",
"version": "8.10.182.0"
},
{
"status": "affected",
"version": "8.10.170.0"
},
{
"status": "affected",
"version": "8.10.183.0"
},
{
"status": "affected",
"version": "8.5.182.7"
},
{
"status": "affected",
"version": "8.5.182.105"
},
{
"status": "affected",
"version": "8.5.182.106"
},
{
"status": "affected",
"version": "8.10.185.0"
},
{
"status": "affected",
"version": "8.5.182.107"
},
{
"status": "affected",
"version": "8.5.182.11"
},
{
"status": "affected",
"version": "8.5.182.108"
},
{
"status": "affected",
"version": "8.10.190.0"
},
{
"status": "affected",
"version": "8.10.195.0"
},
{
"status": "affected",
"version": "8.5.182.12"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Switch Integrated Security Features (SISF) of Cisco IOS Software, Cisco IOS XE Software, Cisco NX-OS Software, and Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r\nThis vulnerability is due to the incorrect handling of DHCPv6 packets. An attacker could exploit this vulnerability by sending a crafted DHCPv6 packet to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-805",
"description": "Buffer Access with Incorrect Length Value",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-07T17:18:35.677Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-sisf-dos-ZGwt4DdY",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sisf-dos-ZGwt4DdY"
}
],
"source": {
"advisory": "cisco-sa-sisf-dos-ZGwt4DdY",
"defects": [
"CSCvq14413"
],
"discovery": "EXTERNAL"
},
"title": "Multiple Cisco Products Denial of Service Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20191",
"datePublished": "2025-05-07T17:18:35.677Z",
"dateReserved": "2024-10-10T19:15:13.226Z",
"dateUpdated": "2025-05-07T19:46:53.825Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-20191\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2025-05-07T18:15:39.110\",\"lastModified\":\"2025-05-08T14:39:09.683\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the Switch Integrated Security Features (SISF) of Cisco IOS Software, Cisco IOS XE Software, Cisco NX-OS Software, and Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device.\\r\\n\\r\\nThis vulnerability is due to the incorrect handling of DHCPv6 packets. An attacker could exploit this vulnerability by sending a crafted DHCPv6 packet to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en las Funciones de Seguridad Integradas del Switch (SISF) de Cisco IOS Software, Cisco IOS XE Software, Cisco NX-OS Software y Cisco Wireless LAN Controller (WLC) AireOS Software podr\u00eda permitir que un atacante adyacente no autenticado provoque una denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad se debe al manejo incorrecto de paquetes DHCPv6. Un atacante podr\u00eda explotar esta vulnerabilidad enviando un paquete DHCPv6 manipulado a un dispositivo afectado. Si se explota con \u00e9xito, el atacante podr\u00eda provocar la recarga del dispositivo, lo que provocar\u00eda una denegaci\u00f3n de servicio (DoS).\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H\",\"baseScore\":7.4,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":4.0}]},\"weaknesses\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-805\"}]}],\"references\":[{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sisf-dos-ZGwt4DdY\",\"source\":\"psirt@cisco.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-20191\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-05-07T18:56:29.479638Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-07T18:56:30.730Z\"}}], \"cna\": {\"title\": \"Multiple Cisco Products Denial of Service Vulnerability\", \"source\": {\"defects\": [\"CSCvq14413\"], \"advisory\": \"cisco-sa-sisf-dos-ZGwt4DdY\", \"discovery\": \"EXTERNAL\"}, \"metrics\": [{\"format\": \"cvssV3_1\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 7.4, \"attackVector\": \"ADJACENT_NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco NX-OS Software\", \"versions\": [{\"status\": \"affected\", \"version\": \"8.2(5)\"}, {\"status\": \"affected\", \"version\": \"7.3(5)D1(1)\"}, {\"status\": \"affected\", \"version\": \"8.4(2)\"}, {\"status\": \"affected\", \"version\": \"8.4(3)\"}, {\"status\": \"affected\", \"version\": \"9.2(3)\"}, {\"status\": \"affected\", \"version\": \"9.2(2v)\"}, {\"status\": \"affected\", \"version\": \"7.3(4)D1(1)\"}, {\"status\": \"affected\", \"version\": \"8.2(1)\"}, {\"status\": \"affected\", \"version\": \"9.2(1)\"}, {\"status\": \"affected\", \"version\": \"9.2(2t)\"}, {\"status\": \"affected\", \"version\": \"9.2(3y)\"}, {\"status\": \"affected\", \"version\": \"7.0(3)I7(6z)\"}, {\"status\": \"affected\", \"version\": \"9.3(2)\"}, {\"status\": \"affected\", \"version\": \"7.0(3)I7(3z)\"}, {\"status\": \"affected\", \"version\": \"7.0(3)IM7(2)\"}, {\"status\": \"affected\", \"version\": \"7.0(3)I7(5a)\"}, {\"status\": \"affected\", \"version\": \"8.1(1)\"}, {\"status\": \"affected\", \"version\": \"8.2(2)\"}, {\"status\": \"affected\", \"version\": \"8.3(2)\"}, {\"status\": \"affected\", \"version\": \"7.3(2)D1(3a)\"}, {\"status\": \"affected\", \"version\": \"9.2(4)\"}, {\"status\": \"affected\", \"version\": \"8.1(2)\"}, {\"status\": \"affected\", \"version\": \"7.3(3)D1(1)\"}, {\"status\": \"affected\", \"version\": \"8.2(3)\"}, {\"status\": \"affected\", \"version\": \"7.0(3)I7(2)\"}, {\"status\": \"affected\", \"version\": \"7.0(3)I7(3)\"}, {\"status\": \"affected\", \"version\": \"8.4(1)\"}, {\"status\": \"affected\", \"version\": \"7.3(0)DX(1)\"}, {\"status\": \"affected\", \"version\": \"7.3(2)D1(1)\"}, {\"status\": \"affected\", \"version\": \"9.3(1)\"}, {\"status\": \"affected\", \"version\": \"7.0(3)I7(6)\"}, {\"status\": \"affected\", \"version\": \"7.3(2)D1(2)\"}, {\"status\": \"affected\", \"version\": \"8.2(4)\"}, {\"status\": \"affected\", \"version\": \"7.0(3)I7(4)\"}, {\"status\": \"affected\", \"version\": \"7.0(3)I7(7)\"}, {\"status\": \"affected\", \"version\": \"9.3(1z)\"}, {\"status\": \"affected\", \"version\": \"9.2(2)\"}, {\"status\": \"affected\", \"version\": \"8.1(2a)\"}, {\"status\": \"affected\", \"version\": \"7.3(2)D1(3)\"}, {\"status\": \"affected\", \"version\": \"7.0(3)I7(5)\"}, {\"status\": \"affected\", \"version\": \"7.0(3)I7(1)\"}, {\"status\": \"affected\", \"version\": \"7.0(3)IA7(2)\"}, {\"status\": \"affected\", \"version\": \"7.0(3)IA7(1)\"}, {\"status\": \"affected\", \"version\": \"8.3(1)\"}, {\"status\": \"affected\", \"version\": \"7.3(1)D1(1)\"}, {\"status\": \"affected\", \"version\": \"7.3(0)D1(1)\"}, {\"status\": \"affected\", \"version\": \"9.3(3)\"}, {\"status\": \"affected\", \"version\": \"7.3(2)D1(1d)\"}, {\"status\": \"affected\", \"version\": \"7.0(3)I7(8)\"}, {\"status\": \"affected\", \"version\": \"9.3(4)\"}, {\"status\": \"affected\", \"version\": \"7.3(6)D1(1)\"}, {\"status\": \"affected\", \"version\": \"8.2(6)\"}, {\"status\": \"affected\", \"version\": \"9.3(5)\"}, {\"status\": \"affected\", \"version\": \"7.0(3)I7(9)\"}, {\"status\": \"affected\", \"version\": \"9.3(6)\"}, {\"status\": \"affected\", \"version\": \"10.1(2)\"}, {\"status\": \"affected\", \"version\": \"10.1(1)\"}, {\"status\": \"affected\", \"version\": \"8.4(4)\"}, {\"status\": \"affected\", \"version\": \"7.3(7)D1(1)\"}, {\"status\": \"affected\", \"version\": \"9.3(5w)\"}, {\"status\": \"affected\", \"version\": \"8.2(7)\"}, {\"status\": \"affected\", \"version\": \"9.3(7)\"}, {\"status\": \"affected\", \"version\": \"9.3(7k)\"}, {\"status\": \"affected\", \"version\": \"7.0(3)I7(9w)\"}, {\"status\": \"affected\", \"version\": \"10.2(1)\"}, {\"status\": \"affected\", \"version\": \"7.3(8)D1(1)\"}, {\"status\": \"affected\", \"version\": \"9.3(7a)\"}, {\"status\": \"affected\", \"version\": \"8.2(7a)\"}, {\"status\": \"affected\", \"version\": \"9.3(8)\"}, {\"status\": \"affected\", \"version\": \"8.4(4a)\"}, {\"status\": \"affected\", \"version\": \"8.4(5)\"}, {\"status\": \"affected\", \"version\": \"7.0(3)I7(10)\"}, {\"status\": \"affected\", \"version\": \"8.2(8)\"}, {\"status\": \"affected\", \"version\": \"10.2(1q)\"}, {\"status\": \"affected\", \"version\": \"10.2(2)\"}, {\"status\": \"affected\", \"version\": \"9.3(9)\"}, {\"status\": \"affected\", \"version\": \"10.1(2t)\"}, {\"status\": \"affected\", \"version\": \"7.3(9)D1(1)\"}, {\"status\": \"affected\", \"version\": \"10.2(3)\"}, {\"status\": \"affected\", \"version\": \"8.4(6)\"}, {\"status\": \"affected\", \"version\": \"10.2(3t)\"}, {\"status\": \"affected\", \"version\": \"9.3(10)\"}, {\"status\": \"affected\", \"version\": \"10.2(2a)\"}, {\"status\": \"affected\", \"version\": \"8.2(9)\"}, {\"status\": \"affected\", \"version\": \"10.3(1)\"}, {\"status\": \"affected\", \"version\": \"10.2(4)\"}, {\"status\": \"affected\", \"version\": \"8.4(7)\"}, {\"status\": \"affected\", \"version\": \"10.3(2)\"}, {\"status\": \"affected\", \"version\": \"8.4(6a)\"}, {\"status\": \"affected\", \"version\": \"9.3(11)\"}, {\"status\": \"affected\", \"version\": \"10.3(3)\"}, {\"status\": \"affected\", \"version\": \"10.2(5)\"}, {\"status\": \"affected\", \"version\": \"8.2(10)\"}, {\"status\": \"affected\", \"version\": \"9.3(12)\"}, {\"status\": \"affected\", \"version\": \"10.2(3v)\"}, {\"status\": \"affected\", \"version\": \"10.4(1)\"}, {\"status\": \"affected\", \"version\": \"8.4(8)\"}, {\"status\": \"affected\", \"version\": \"10.3(99w)\"}, {\"status\": \"affected\", \"version\": \"10.2(6)\"}, {\"status\": \"affected\", \"version\": \"10.3(3w)\"}, {\"status\": \"affected\", \"version\": \"10.3(99x)\"}, {\"status\": \"affected\", \"version\": \"10.3(3o)\"}, {\"status\": \"affected\", \"version\": \"8.4(9)\"}, {\"status\": \"affected\", \"version\": \"10.3(4)\"}, {\"status\": \"affected\", \"version\": \"10.3(3p)\"}, {\"status\": \"affected\", \"version\": \"10.3(4a)\"}, {\"status\": \"affected\", \"version\": \"10.4(2)\"}, {\"status\": \"affected\", \"version\": \"10.3(3q)\"}, {\"status\": \"affected\", \"version\": \"9.3(13)\"}, {\"status\": \"affected\", \"version\": \"8.2(11)\"}, {\"status\": \"affected\", \"version\": \"10.3(5)\"}, {\"status\": \"affected\", \"version\": \"10.2(7)\"}, {\"status\": \"affected\", \"version\": \"10.4(3)\"}, {\"status\": \"affected\", \"version\": \"10.3(3x)\"}, {\"status\": \"affected\", \"version\": \"10.3(4g)\"}, {\"status\": \"affected\", \"version\": \"10.2(8)\"}, {\"status\": \"affected\", \"version\": \"10.3(3r)\"}, {\"status\": \"affected\", \"version\": \"9.3(14)\"}, {\"status\": \"affected\", \"version\": \"10.3(4h)\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Cisco\", \"product\": \"Cisco Wireless LAN Controller (WLC)\", \"versions\": [{\"status\": \"affected\", \"version\": \"8.10.112.0\"}, {\"status\": \"affected\", \"version\": \"8.8.120.0\"}, {\"status\": \"affected\", \"version\": \"8.3.143.0\"}, {\"status\": \"affected\", \"version\": \"8.3.111.0\"}, {\"status\": \"affected\", \"version\": \"8.2.164.0\"}, {\"status\": \"affected\", \"version\": \"8.5.109.0\"}, {\"status\": \"affected\", \"version\": \"8.3.132.0\"}, {\"status\": \"affected\", \"version\": \"8.5.105.0\"}, {\"status\": \"affected\", \"version\": \"8.2.170.0\"}, {\"status\": \"affected\", \"version\": \"8.2.160.0\"}, {\"status\": \"affected\", \"version\": \"8.8.100.0\"}, {\"status\": \"affected\", \"version\": \"8.9.111.0\"}, {\"status\": \"affected\", \"version\": \"8.7.102.0\"}, {\"status\": \"affected\", \"version\": \"8.3.102.0\"}, {\"status\": \"affected\", \"version\": \"8.3.133.0\"}, {\"status\": \"affected\", \"version\": \"8.3.131.0\"}, {\"status\": \"affected\", \"version\": \"8.5.100.0\"}, {\"status\": \"affected\", \"version\": \"8.5.131.0\"}, {\"status\": \"affected\", \"version\": \"8.3.122.0\"}, {\"status\": \"affected\", \"version\": \"8.5.101.0\"}, {\"status\": \"affected\", \"version\": \"8.3.112.0\"}, {\"status\": \"affected\", \"version\": \"8.5.120.0\"}, {\"status\": \"affected\", \"version\": \"8.2.141.0\"}, {\"status\": \"affected\", \"version\": \"8.3.141.0\"}, {\"status\": \"affected\", \"version\": \"8.3.121.0\"}, {\"status\": \"affected\", \"version\": \"8.2.151.0\"}, {\"status\": \"affected\", \"version\": \"8.3.130.0\"}, {\"status\": \"affected\", \"version\": \"8.5.102.0\"}, {\"status\": \"affected\", \"version\": \"8.2.161.0\"}, {\"status\": \"affected\", \"version\": \"8.5.151.0\"}, {\"status\": \"affected\", \"version\": \"8.2.100.0\"}, {\"status\": \"affected\", \"version\": \"8.5.135.0\"}, {\"status\": \"affected\", \"version\": \"8.3.135.0\"}, {\"status\": \"affected\", \"version\": \"8.5.140.0\"}, {\"status\": \"affected\", \"version\": \"8.7.106.0\"}, {\"status\": \"affected\", \"version\": \"8.9.100.0\"}, {\"status\": \"affected\", \"version\": \"8.8.111.0\"}, {\"status\": \"affected\", \"version\": \"8.2.110.0\"}, {\"status\": \"affected\", \"version\": \"8.5.110.0\"}, {\"status\": \"affected\", \"version\": \"8.2.130.0\"}, {\"status\": \"affected\", \"version\": \"8.5.141.105\"}, {\"status\": \"affected\", \"version\": \"8.2.121.0\"}, {\"status\": \"affected\", \"version\": \"8.8.125.0\"}, {\"status\": \"affected\", \"version\": \"8.3.150.0\"}, {\"status\": \"affected\", \"version\": \"8.2.111.0\"}, {\"status\": \"affected\", \"version\": \"8.10.105.0\"}, {\"status\": \"affected\", \"version\": \"8.5.108.0\"}, {\"status\": \"affected\", \"version\": \"8.3.108.0\"}, {\"status\": \"affected\", \"version\": \"8.2.166.0\"}, {\"status\": \"affected\", \"version\": \"8.5.103.0\"}, {\"status\": \"affected\", \"version\": \"8.3.140.0\"}, {\"status\": \"affected\", \"version\": \"8.6.101.0\"}, {\"status\": \"affected\", \"version\": \"8.4.100.0\"}, {\"status\": \"affected\", \"version\": \"8.5.160.0\"}, {\"status\": \"affected\", \"version\": \"8.5.161.0\"}, {\"status\": \"affected\", \"version\": \"8.8.130.0\"}, {\"status\": \"affected\", \"version\": \"8.10.120.0\"}, {\"status\": \"affected\", \"version\": \"8.10.121.0\"}, {\"status\": \"affected\", \"version\": \"8.10.113.0\"}, {\"status\": \"affected\", \"version\": \"8.10.122.0\"}, {\"status\": \"affected\", \"version\": \"8.10.130.0\"}, {\"status\": \"affected\", \"version\": \"8.10.141.0\"}, {\"status\": \"affected\", \"version\": \"8.10.142.0\"}, {\"status\": \"affected\", \"version\": \"8.5.171.0\"}, {\"status\": \"affected\", \"version\": \"8.10.150.0\"}, {\"status\": \"affected\", \"version\": \"8.10.151.0\"}, {\"status\": \"affected\", \"version\": \"8.10.162.0\"}, {\"status\": \"affected\", \"version\": \"8.5.182.0\"}, {\"status\": \"affected\", \"version\": \"8.10.171.0\"}, {\"status\": \"affected\", \"version\": \"8.10.180.0\"}, {\"status\": \"affected\", \"version\": \"8.10.181.0\"}, {\"status\": \"affected\", \"version\": \"8.10.182.0\"}, {\"status\": \"affected\", \"version\": \"8.10.170.0\"}, {\"status\": \"affected\", \"version\": \"8.10.183.0\"}, {\"status\": \"affected\", \"version\": \"8.5.182.7\"}, {\"status\": \"affected\", \"version\": \"8.5.182.105\"}, {\"status\": \"affected\", \"version\": \"8.5.182.106\"}, {\"status\": \"affected\", \"version\": \"8.10.185.0\"}, {\"status\": \"affected\", \"version\": \"8.5.182.107\"}, {\"status\": \"affected\", \"version\": \"8.5.182.11\"}, {\"status\": \"affected\", \"version\": \"8.5.182.108\"}, {\"status\": \"affected\", \"version\": \"8.10.190.0\"}, {\"status\": \"affected\", \"version\": \"8.10.195.0\"}, {\"status\": \"affected\", \"version\": \"8.5.182.12\"}], \"defaultStatus\": \"unknown\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"references\": [{\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sisf-dos-ZGwt4DdY\", \"name\": \"cisco-sa-sisf-dos-ZGwt4DdY\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the Switch Integrated Security Features (SISF) of Cisco IOS Software, Cisco IOS XE Software, Cisco NX-OS Software, and Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device.\\r\\n\\r\\nThis vulnerability is due to the incorrect handling of DHCPv6 packets. An attacker could exploit this vulnerability by sending a crafted DHCPv6 packet to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"cwe\", \"cweId\": \"CWE-805\", \"description\": \"Buffer Access with Incorrect Length Value\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2025-05-07T17:18:35.677Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-20191\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-07T19:46:53.825Z\", \"dateReserved\": \"2024-10-10T19:15:13.226Z\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2025-05-07T17:18:35.677Z\", \"assignerShortName\": \"cisco\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…