CVE-2025-20214

🗓️ 07 May 2025 17:34:14Reported by ciscoType

CVE-2025-20214 allows unauthorized access to Cisco IOS XE data via incorrectly filtered API calls.

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2025-20214	7 May 202521:31	–	circl
Cisco	Cisco IOS XE Software Model-Driven Programmability Authorization Bypass Vulnerability	7 May 202516:00	–	cisco
CNNVD	Cisco IOS XE 安全漏洞	7 May 202500:00	–	cnnvd
CVE	CVE-2025-20214	7 May 202517:34	–	cve
EUVD	EUVD-2025-13908	3 Oct 202520:07	–	euvd
NVD	CVE-2025-20214	7 May 202518:15	–	nvd
OSV	CVE-2025-20214	7 May 202518:15	–	osv
Positive Technologies	PT-2025-20277 · Cisco · Cisco Ios Xe	7 May 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-20214	9 May 202518:08	–	redhatcve
Vulnrichment	CVE-2025-20214	7 May 202517:34	–	vulnrichment

[
  {
    "vendor": "Cisco",
    "product": "Cisco IOS XE Software",
    "versions": [
      {
        "version": "17.11.1",
        "status": "affected"
      },
      {
        "version": "17.11.1a",
        "status": "affected"
      },
      {
        "version": "17.12.1",
        "status": "affected"
      },
      {
        "version": "17.12.1w",
        "status": "affected"
      },
      {
        "version": "17.12.1a",
        "status": "affected"
      },
      {
        "version": "17.12.1x",
        "status": "affected"
      },
      {
        "version": "17.12.2",
        "status": "affected"
      },
      {
        "version": "17.12.2a",
        "status": "affected"
      },
      {
        "version": "17.12.1y",
        "status": "affected"
      },
      {
        "version": "17.12.1z",
        "status": "affected"
      },
      {
        "version": "17.12.1z1",
        "status": "affected"
      },
      {
        "version": "17.13.1",
        "status": "affected"
      },
      {
        "version": "17.13.1a",
        "status": "affected"
      },
      {
        "version": "17.11.99SW",
        "status": "affected"
      }
    ]
  }
]

Source	Link
sec	www.sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-netconf-nacm-bypass-TGZV9pmQ

07 May 2025 17:34Current

CVSS 3.14.3

EPSS0.00275