CISCO-CVE-2026-20125

HIGH7.7

Cisco IOS and IOS XE 3E Software Web UI Denial of Service Vulnerability

Published Mar 25, 2026

Modified 1 months ago

Affected Packages

Cisco IOS

CiscoIOS

Affected versions:

12.2(25)EZ12.2(25)EZ112.2(33)CY12.2(33)CY112.2(33)CY212.2(33)SCG12.2(33)SCG112.2(33)SCG212.2(33)SCG312.2(33)SCG4+1043 more

Cisco IOS XE

CiscoIOSXE

Affected versions:

3.10.0E3.10.0S3.10.0cE3.10.10S3.10.1E3.10.1S3.10.1aE3.10.1sE3.10.1xbS3.10.1xcS+186 more

CVSS Analysis

CVSS v3.1

7.7

Exploitability

Attack Vector

NetworkAV:N

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

ChangedS:C

Impact

Confidentiality

NoneC:N

Integrity

NoneI:N

Availability

HighA:H

7.7/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Upstream

Ecosystems

Timeline

PublishedMar 25, 2026

ModifiedMar 25, 2026