CISCO-CVE-2026-20113

MEDIUM5.3

Cisco IOx Application Hosting Environment Carriage Return Line Feed (CRLF) Injection Vulnerability

Published Mar 25, 2026

Modified 1 months ago

Affected Packages

Cisco IOS XE

CiscoIOSXE

Affected versions:

16.10.116.10.1a16.10.1b16.10.1c16.10.1d16.10.1e16.10.1f16.10.1g16.10.1s16.10.2+244 more

CVSS Analysis

CVSS v3.1

5.3

Exploitability

Attack Vector

NetworkAV:N

Attack Complexity

LowAC:L

Privileges Required

NonePR:N

User Interaction

NoneUI:N

Scope

UnchangedS:U

Impact

Confidentiality

NoneC:N

Integrity

LowI:L

Availability

NoneA:N

5.3/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Upstream

Ecosystems

Timeline

PublishedMar 25, 2026

ModifiedMar 25, 2026