EUVD-2025-13908

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

A Cisco IOS XE vulnerability allows unauthorized read access to configuration data via API misuse.

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2025-20214	7 May 202521:31	–	circl
Cisco	Cisco IOS XE Software Model-Driven Programmability Authorization Bypass Vulnerability	7 May 202516:00	–	cisco
CNNVD	Cisco IOS XE 安全漏洞	7 May 202500:00	–	cnnvd
CVE	CVE-2025-20214	7 May 202517:34	–	cve
Cvelist	CVE-2025-20214	7 May 202517:34	–	cvelist
NVD	CVE-2025-20214	7 May 202518:15	–	nvd
Positive Technologies	PT-2025-20277 · Cisco · Cisco Ios Xe	7 May 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-20214	9 May 202518:08	–	redhatcve
Vulnrichment	CVE-2025-20214	7 May 202517:34	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "c858fcd7-e779-3b60-a6ac-73063887645b",
        "vendor": {
          "name": "Cisco"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "1911f5d0-d9eb-3b36-a856-d4206001938a",
        "product": {
          "name": "Cisco IOS XE Software"
        },
        "product_version": "17.12.1a"
      },
      {
        "id": "2e27df7b-fc6c-37cf-b97b-6706319145a5",
        "product": {
          "name": "Cisco IOS XE Software"
        },
        "product_version": "17.12.1z1"
      },
      {
        "id": "36a13054-3f51-30ad-a14d-c4efdb20ef17",
        "product": {
          "name": "Cisco IOS XE Software"
        },
        "product_version": "17.12.2a"
      },
      {
        "id": "3966b59b-f4f2-374c-8cd2-f0d3335143ea",
        "product": {
          "name": "Cisco IOS XE Software"
        },
        "product_version": "17.12.1y"
      },
      {
        "id": "4428836d-9721-3107-b1df-d25bb7cb7bdf",
        "product": {
          "name": "Cisco IOS XE Software"
        },
        "product_version": "17.13.1"
      },
      {
        "id": "59b16115-6728-3077-8a79-9658c8fea408",
        "product": {
          "name": "Cisco IOS XE Software"
        },
        "product_version": "17.12.2"
      },
      {
        "id": "59f540f7-585d-3086-93ed-e651baaff59e",
        "product": {
          "name": "Cisco IOS XE Software"
        },
        "product_version": "17.12.1z"
      },
      {
        "id": "6072b266-9b3c-3c81-803f-a49eff185ae8",
        "product": {
          "name": "Cisco IOS XE Software"
        },
        "product_version": "17.11.1a"
      },
      {
        "id": "9630c64b-ec03-3cf0-8321-542ca3ac36da",
        "product": {
          "name": "Cisco IOS XE Software"
        },
        "product_version": "17.12.1w"
      },
      {
        "id": "a6a4ee20-ff77-37a7-a819-ec33a3e2b9de",
        "product": {
          "name": "Cisco IOS XE Software"
        },
        "product_version": "17.11.99SW"
      },
      {
        "id": "b3cd0a31-7bd0-3362-83dd-36cc4fdba65b",
        "product": {
          "name": "Cisco IOS XE Software"
        },
        "product_version": "17.13.1a"
      },
      {
        "id": "c8ceaf33-85ec-39a9-bd1e-4843466e6fb5",
        "product": {
          "name": "Cisco IOS XE Software"
        },
        "product_version": "17.12.1"
      },
      {
        "id": "e56e734c-a3c8-398a-bd8c-5cfa59f7672b",
        "product": {
          "name": "Cisco IOS XE Software"
        },
        "product_version": "17.11.1"
      },
      {
        "id": "f1519eb5-78af-348d-b8dc-691cbce57447",
        "product": {
          "name": "Cisco IOS XE Software"
        },
        "product_version": "17.12.1x"
      }
    ]
  }
]

Source	Link
sec	www.sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-netconf-nacm-bypass-TGZV9pmQ
nvd	www.nvd.nist.gov/vuln/detail/CVE-2025-20214

03 Oct 2025 20:07Current

6.6Medium risk

Vulners AI Score6.6

CVSS 3.14.3

EPSS0.0022

SSVC