Details of VAR-202505-0456

ID

VAR-202505-0456

CVE

CVE-2025-20196

TITLE

Vulnerability in multiple Cisco Systems products regarding improper restriction of excessive authentication attempts

Trust: 0.8

sources: JVNDB: JVNDB-2025-008864

DESCRIPTION

A vulnerability in the Cisco IOx application hosting environment of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the Cisco IOx application hosting environment to stop responding, resulting in a denial of service (DoS) condition. This vulnerability is due to the improper handling of HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to cause the Cisco IOx application hosting environment to stop responding. The IOx process will need to be manually restarted to recover services

Trust: 1.62

sources: NVD: CVE-2025-20196 // JVNDB: JVNDB-2025-008864

AFFECTED PRODUCTS

vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.5	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.1.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.6.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.5a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.6.1y	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.6.3a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.6.4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.12.1y	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.4a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.8.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.6.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.12.1z1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.12.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.9.4a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.6.1w	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.12.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.9.1x1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.6.6	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.6.7	Trust: 1.0
vendor:	cisco	model:	ir510 wpan	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.9.1y	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.5.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.7.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.10	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.6.1z	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.1z	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.11.99sw	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.9.5e	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.15.2a	Trust: 1.0
vendor:	cisco	model:	829 industrial integrated services router	scope:	lt	version:	15.9\(3\)m11	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.1.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.15.2c	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.2.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.9.4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.5.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.12.1z2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.1w	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.9.5	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.12.1z	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.9.2a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.9.5b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.1.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.12.1w	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.6	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.6.1x	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.6.1z1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.6.5	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.7.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.12.3a	Trust: 1.0
vendor:	cisco	model:	cgr1000	scope:	lt	version:	15.9\(3\)m12	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.12.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.12.4a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.2.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.9	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.9.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.9.3a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.12.1x	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.10.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.8	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.1.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.9.1y1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.6.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.7	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.13.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.15.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.12.1z4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.2.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.8	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.9.6	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.6.8a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.12.4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.8.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.6.5a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.2.1v	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.4b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.2.1r	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.5.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.6.6a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.4.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.1x	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.5	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.15.2b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.12.4b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.2.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.4.2a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.11.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.1.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.1.1s	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.7.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.14.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	lt	version:	17.15.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.4c	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.11	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.9.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.8a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.9.6a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.10.1a	Trust: 1.0
vendor:	cisco	model:	807 industrial integrated services router	scope:	lt	version:	15.9\(3\)m11	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.5b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.10.1b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.4.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.13.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.4	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.6.8	Trust: 1.0
vendor:	cisco	model:	809 industrial integrated services router	scope:	lt	version:	15.9\(3\)m11	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.9.5f	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.9.1w	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.5.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.9.1x	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.5.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.5b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.5.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.11.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.2.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.6	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.6.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.4.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.4.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.3.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.5.1b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.1.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.2.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.2a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	16.4.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.4.1b	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.4.1a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.9.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.14.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.12.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.12.2a	Trust: 1.0
vendor:	cisco	model:	ic3000 industrial compute gateway	scope:	lt	version:	1.5.2	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.1.1t	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.3	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.9.1	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.9.5a	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.3.7	Trust: 1.0
vendor:	cisco	model:	ios xe	scope:	eq	version:	17.7.1b	Trust: 1.0
vendor:	シスコシステムズ	model:	cisco 1000 シリーズ connected grid ルータ	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco 829 産業用サービス統合型ルータ	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco 807 産業用サービス統合型ルータ	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco ir510 wpan	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco ios xe	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco 809 産業用サービス統合型ルータ	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	cisco ic3000 産業用コンピューティングゲートウェイ	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2025-008864 // NVD: CVE-2025-20196

CVSS

SEVERITY

CVSSV2

CVSSV3

psirt@cisco.com:	CVE-2025-20196
value:	MEDIUM
Trust: 1.0
OTHER:	JVNDB-2025-008864
value:	MEDIUM
Trust: 0.8

psirt@cisco.com:	CVE-2025-20196
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	LOW
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.1
Trust: 1.0
OTHER:	JVNDB-2025-008864
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	LOW
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2025-008864 // NVD: CVE-2025-20196

PROBLEMTYPE DATA

problemtype:	CWE-307	Trust: 1.0
problemtype:	Inappropriate limitation of excessive authentication attempts (CWE-307) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2025-008864 // NVD: CVE-2025-20196

PATCH

title:

cisco-sa-iox-dos-95Fqnf7b

url:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-dos-95Fqnf7b

Trust: 0.8

sources: JVNDB: JVNDB-2025-008864

EXTERNAL IDS

db:	NVD	id:	CVE-2025-20196	Trust: 2.6
db:	JVNDB	id:	JVNDB-2025-008864	Trust: 0.8

sources: JVNDB: JVNDB-2025-008864 // NVD: CVE-2025-20196

REFERENCES

url:	https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-iox-dos-95fqnf7b	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2025-20196	Trust: 0.8

sources: JVNDB: JVNDB-2025-008864 // NVD: CVE-2025-20196

SOURCES

db:	JVNDB	id:	JVNDB-2025-008864
db:	NVD	id:	CVE-2025-20196

LAST UPDATE DATE

2025-07-16T19:35:15.798000+00:00

SOURCES UPDATE DATE

db:	JVNDB	id:	JVNDB-2025-008864	date:	2025-07-15T01:41:00
db:	NVD	id:	CVE-2025-20196	date:	2025-07-11T14:55:33.920

SOURCES RELEASE DATE

db:	JVNDB	id:	JVNDB-2025-008864	date:	2025-07-15T00:00:00
db:	NVD	id:	CVE-2025-20196	date:	2025-05-07T18:15:39.927