2 matches found
CVE-2025-20214
A vulnerability in the Network Configuration Access Control Module NACM of Cisco IOS XE Software could allow an authenticated, remote attacker to obtain unauthorized read access to configuration or operational data. This vulnerability exists because a subtle change in inner API call behavior caus...
CVE-2025-20214
CVE-2025-20214 affects Cisco IOS XE Software NACM. A subtle change in inner API call behavior can cause NACM-filtered results to be returned, enabling an authenticated remote attacker to read configuration or operational data via NETCONF, RESTCONF, or gNMI. The attack requires the attacker to hol...