CVE-2026-20115

🗓️ 25 Mar 2026 16:08:01Reported by ciscoType

CVE-2026-20115: A remote attacker can view confidential device information via an insecure tunnel during configuration upload.

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2026-20115	26 Mar 202603:00	–	circl
Cisco	Cisco IOS XE Software Secure Channel for Meraki Information Disclosure Vulnerability	25 Mar 202616:00	–	cisco
Tenable Nessus	Cisco IOS XE Software Secure Channel for Meraki Information Disclosure (cisco-sa-iosxe_infodis-6J847uEB)	1 Apr 202600:00	–	nessus
CNNVD	Cisco IOS XE Software 安全漏洞	25 Mar 202600:00	–	cnnvd
CVE	CVE-2026-20115	25 Mar 202616:08	–	cve
EUVD	EUVD-2026-15447	25 Mar 202618:31	–	euvd
NCSC	Vulnerabilities fixed in Cisco IOS XE Software	26 Mar 202609:50	–	ncsc
NVD	CVE-2026-20115	25 Mar 202616:16	–	nvd
Positive Technologies	PT-2026-27798	25 Mar 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-20115	26 Mar 202617:00	–	redhatcve

[
  {
    "vendor": "Cisco",
    "product": "Cisco IOS XE Software",
    "versions": [
      {
        "version": "17.14.1",
        "status": "affected"
      },
      {
        "version": "17.14.1a",
        "status": "affected"
      },
      {
        "version": "17.15.1",
        "status": "affected"
      },
      {
        "version": "17.15.1w",
        "status": "affected"
      },
      {
        "version": "17.15.1a",
        "status": "affected"
      },
      {
        "version": "17.15.2",
        "status": "affected"
      },
      {
        "version": "17.15.1b",
        "status": "affected"
      },
      {
        "version": "17.15.1x",
        "status": "affected"
      },
      {
        "version": "17.15.1z",
        "status": "affected"
      },
      {
        "version": "17.15.3",
        "status": "affected"
      },
      {
        "version": "17.15.2c",
        "status": "affected"
      },
      {
        "version": "17.15.2a",
        "status": "affected"
      },
      {
        "version": "17.15.1y",
        "status": "affected"
      },
      {
        "version": "17.15.2b",
        "status": "affected"
      },
      {
        "version": "17.15.3a",
        "status": "affected"
      },
      {
        "version": "17.15.4",
        "status": "affected"
      },
      {
        "version": "17.15.3b",
        "status": "affected"
      },
      {
        "version": "17.15.4d",
        "status": "affected"
      },
      {
        "version": "17.15.4e",
        "status": "affected"
      },
      {
        "version": "17.16.1",
        "status": "affected"
      },
      {
        "version": "17.16.1a",
        "status": "affected"
      },
      {
        "version": "17.17.1",
        "status": "affected"
      },
      {
        "version": "17.18.1",
        "status": "affected"
      },
      {
        "version": "17.18.1w",
        "status": "affected"
      },
      {
        "version": "17.18.1a",
        "status": "affected"
      }
    ]
  }
]

Source	Link
sec	www.sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe_infodis-6J847uEB

25 Mar 2026 16:08Current

CVSS 3.16.1

EPSS0.00019