CISCO-CVE-2025-20142

HIGH8.6

Cisco IOS XR Software for ASR 9000 Series Routers L2VPN Denial of Service Vulnerability

Published Mar 12, 2025

Modified 11 months ago

Affected Packages

Cisco IOS XR

CiscoIOSXR

Affected versions:

6.7.26.7.36.7.356.8.16.8.26.9.16.9.27.1.157.1.27.1.25+24 more

CVSS Analysis

CVSS v3.1

8.6

Exploitability

Attack Vector

NetworkAV:N

Attack Complexity

LowAC:L

Privileges Required

NonePR:N

User Interaction

NoneUI:N

Scope

ChangedS:C

Impact

Confidentiality

NoneC:N

Integrity

NoneI:N

Availability

HighA:H

8.6/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Upstream

Ecosystems

Timeline

PublishedMar 12, 2025

ModifiedMar 12, 2025