CVE-2025-20196

MEDIUM EPSS 27.8%
Published May 7, 20251y ago · Modified Jun 17, 20261w ago
5.3 CVSS 3.1
Medium
Find Similar
Published May 7, 2025 1y ago
Last Modified Jun 17, 2026 1w ago

Description

A vulnerability in the Cisco IOx application hosting environment of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the Cisco IOx application hosting environment to stop responding, resulting in a denial of service (DoS) condition. This vulnerability is due to the improper handling of HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to cause the Cisco IOx application hosting environment to stop responding. The IOx process will need to be manually restarted to recover services.

CVSS Details

Base Score
5.3
Exploitability
3.9
Impact
1.4
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability Low

Threat Intelligence

EPSS Exploit Probability
27.8% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-307

Affected Products 189

VendorProductVersionRange
ciscoios_xe16.1.1any
ciscoios_xe16.1.2any
ciscoios_xe16.1.3any
ciscoios_xe16.2.1any
ciscoios_xe16.2.2any
ciscoios_xe16.3.1any
ciscoios_xe16.3.1aany
ciscoios_xe16.3.2any
ciscoios_xe16.3.3any
ciscoios_xe16.3.4any
ciscoios_xe16.3.5any
ciscoios_xe16.3.5bany
ciscoios_xe16.3.6any
ciscoios_xe16.3.7any
ciscoios_xe16.3.8any
ciscoios_xe16.3.9any
ciscoios_xe16.3.10any
ciscoios_xe16.3.11any
ciscoios_xe16.4.1any
ciscoios_xe16.4.2any
ciscoios_xe16.4.3any
ciscoios_xe16.5.1any
ciscoios_xe16.5.1aany
ciscoios_xe16.5.1bany
ciscoios_xe16.5.2any
ciscoios_xe16.5.3any
ciscoios_xe17.1.1any
ciscoios_xe17.1.1aany
ciscoios_xe17.1.1sany
ciscoios_xe17.1.1tany
ciscoios_xe17.1.3any
ciscoios_xe17.2.1any
ciscoios_xe17.2.1aany
ciscoios_xe17.2.1rany
ciscoios_xe17.2.1vany
ciscoios_xe17.2.2any
ciscoios_xe17.2.3any
ciscoios_xe17.3.1any
ciscoios_xe17.3.1aany
ciscoios_xe17.3.1wany
ciscoios_xe17.3.1xany
ciscoios_xe17.3.1zany
ciscoios_xe17.3.2any
ciscoios_xe17.3.2aany
ciscoios_xe17.3.3any
ciscoios_xe17.3.4any
ciscoios_xe17.3.4aany
ciscoios_xe17.3.4bany
ciscoios_xe17.3.4cany
ciscoios_xe17.3.5any
ciscoios_xe17.3.5aany
ciscoios_xe17.3.5bany
ciscoios_xe17.3.6any
ciscoios_xe17.3.7any
ciscoios_xe17.3.8any
ciscoios_xe17.3.8aany
ciscoios_xe17.4.1any
ciscoios_xe17.4.1aany
ciscoios_xe17.4.1bany
ciscoios_xe17.4.2any
ciscoios_xe17.4.2aany
ciscoios_xe17.5.1any
ciscoios_xe17.5.1aany
ciscoios_xe17.6.1any
ciscoios_xe17.6.1aany
ciscoios_xe17.6.1wany
ciscoios_xe17.6.1xany
ciscoios_xe17.6.1yany
ciscoios_xe17.6.1zany
ciscoios_xe17.6.1z1any
ciscoios_xe17.6.2any
ciscoios_xe17.6.3any
ciscoios_xe17.6.3aany
ciscoios_xe17.6.4any
ciscoios_xe17.6.5any
ciscoios_xe17.6.5aany
ciscoios_xe17.6.6any
ciscoios_xe17.6.6aany
ciscoios_xe17.6.7any
ciscoios_xe17.6.8any
ciscoios_xe17.6.8aany
ciscoios_xe17.7.1any
ciscoios_xe17.7.1aany
ciscoios_xe17.7.1bany
ciscoios_xe17.7.2any
ciscoios_xe17.8.1any
ciscoios_xe17.8.1aany
ciscoios_xe17.9.1any
ciscoios_xe17.9.1aany
ciscoios_xe17.9.1wany
ciscoios_xe17.9.1xany
ciscoios_xe17.9.1x1any
ciscoios_xe17.9.1yany
ciscoios_xe17.9.1y1any
ciscoios_xe17.9.2any
ciscoios_xe17.9.2aany
ciscoios_xe17.9.3any
ciscoios_xe17.9.3aany
ciscoios_xe17.9.4any
ciscoios_xe17.9.4aany
ciscoios_xe17.9.5any
ciscoios_xe17.9.5aany
ciscoios_xe17.9.5bany
ciscoios_xe17.9.5eany
ciscoios_xe17.9.5fany
ciscoios_xe17.9.6any
ciscoios_xe17.9.6aany
ciscoios_xe17.10.1any
ciscoios_xe17.10.1aany
ciscoios_xe17.10.1bany
ciscoios_xe17.11.1any
ciscoios_xe17.11.1aany
ciscoios_xe17.11.99swany
ciscoios_xe17.12.1any
ciscoios_xe17.12.1aany
ciscoios_xe17.12.1wany
ciscoios_xe17.12.1xany
ciscoios_xe17.12.1yany
ciscoios_xe17.12.1zany
ciscoios_xe17.12.1z1any
ciscoios_xe17.12.1z2any
ciscoios_xe17.12.1z4any
ciscoios_xe17.12.2any
ciscoios_xe17.12.2aany
ciscoios_xe17.12.3any
ciscoios_xe17.12.3aany
ciscoios_xe17.12.4any
ciscoios_xe17.12.4aany
ciscoios_xe17.12.4bany
ciscoios_xe17.13.1any
ciscoios_xe17.13.1aany
ciscoios_xe17.14.1any
ciscoios_xe17.14.1aany
ciscoios_xe17.15.2any
ciscoios_xe17.15.2aany
ciscoios_xe17.15.2bany
ciscoios_xe17.15.2cany
ciscocgr1000_firmware* <15.9\(3\)m12
ciscocgr1000*any
ciscoir510_wpan_firmware*any
ciscoir510_wpan*any
ciscoic3000_industrial_compute_gateway_firmware* <1.5.2
ciscoic3000_industrial_compute_gateway*any
cisco807_industrial_integrated_services_router_firmware* <15.9\(3\)m11
cisco807_industrial_integrated_services_router*any
cisco809_industrial_integrated_services_router_firmware* <15.9\(3\)m11
cisco809_industrial_integrated_services_router*any
cisco829_industrial_integrated_services_router_firmware* <15.9\(3\)m11
cisco829_industrial_integrated_services_router*any
ciscoios_xe* <17.15.2
ciscocatalyst_9100*any
ciscocatalyst_9105*any
ciscocatalyst_9105ax*any
ciscocatalyst_9105axi*any
ciscocatalyst_9105axw*any
ciscocatalyst_9105i*any
ciscocatalyst_9105w*any
ciscocatalyst_9115*any
ciscocatalyst_9115_ap*any
ciscocatalyst_9115ax*any
ciscocatalyst_9115axe*any
ciscocatalyst_9115axi*any
ciscocatalyst_9117*any
ciscocatalyst_9117_ap*any
ciscocatalyst_9117ax*any
ciscocatalyst_9117axi*any
ciscocatalyst_9120*any
ciscocatalyst_9120_ap*any
ciscocatalyst_9120ax*any
ciscocatalyst_9120axe*any
ciscocatalyst_9120axi*any
ciscocatalyst_9120axp*any
ciscocatalyst_9124*any
ciscocatalyst_9124ax*any
ciscocatalyst_9124axd*any
ciscocatalyst_9124axi*any
ciscocatalyst_9124d*any
ciscocatalyst_9124e*any
ciscocatalyst_9124i*any
ciscocatalyst_9130*any
ciscocatalyst_9130_ap*any
ciscocatalyst_9130ax*any
ciscocatalyst_9130axe*any
ciscocatalyst_9130axi*any
ciscocatalyst_9136*any
ciscocatalyst_9162*any
ciscocatalyst_9164*any
ciscocatalyst_9166*any
ciscocatalyst_9166d1*any

References 1

  • sec.cloudapps.cisco.com https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-dos-95Fqnf7b
    Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.