8.1
CVE-2025-20160
- EPSS 0.08%
- Published 24.09.2025 18:15:34
- Last modified 26.09.2025 14:32:53
- Source psirt@cisco.com
A vulnerability in the implementation of the TACACS+ protocol in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to view sensitive data or bypass authentication. This vulnerability exists because the system does not properly check whether the required TACACS+ shared secret is configured. A machine-in-the-middle attacker could exploit this vulnerability by intercepting and reading unencrypted TACACS+ messages or impersonating the TACACS+ server and falsely accepting arbitrary authentication requests. A successful exploit could allow the attacker to view sensitive information in a TACACS+ message or bypass authentication and gain access to the affected device.
Data is provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).
Vendor: Cisco
Product: IOS

Version | Status |
---|---|
15.2(6)E1 | affected |
15.2(4)E6 | affected |
15.2(6)E2 | affected |
15.2(4)E7 | affected |
15.2(7)E | affected |
15.2(4)E8 | affected |
15.2(6)E2a | affected |
15.2(6)E2b | affected |
15.2(7)E1 | affected |
15.2(7)E0a | affected |
15.2(7)E0b | affected |
15.2(7)E0s | affected |
15.2(6)E3 | affected |
15.2(4)E9 | affected |
15.2(7)E2 | affected |
15.2(7a)E0b | affected |
15.2(4)E10 | affected |
15.2(7)E3 | affected |
15.2(7)E1a | affected |
15.2(7b)E0b | affected |
15.2(7)E2a | affected |
15.2(4)E10a | affected |
15.2(7)E4 | affected |
15.2(7)E3k | affected |
15.2(8)E | affected |
15.2(8)E1 | affected |
15.2(7)E5 | affected |
15.2(7)E6 | affected |
15.2(8)E2 | affected |
15.2(4)E10d | affected |
15.2(7)E7 | affected |
15.2(8)E3 | affected |
15.2(7)E8 | affected |
15.2(8)E4 | affected |
15.2(7)E9 | affected |
15.2(8)E5 | affected |
15.2(8)E6 | affected |
15.2(7)E10 | affected |
15.2(7)E11 | affected |
15.2(8)E7 | affected |
15.2(7)E12 | affected |
15.5(3)S8 | affected |
15.5(3)S9 | affected |
15.5(3)S10 | affected |
15.5(3)S9a | affected |
15.2(6)EB | affected |
15.5(3)M7 | affected |
15.5(3)M8 | affected |
15.5(3)M9 | affected |
15.5(3)M10 | affected |
15.6(2)SP5 | affected |
15.6(2)SP6 | affected |
15.6(2)SP7 | affected |
15.6(2)SP8 | affected |
15.6(2)SP9 | affected |
15.6(3)M4 | affected |
15.6(3)M5 | affected |
15.6(3)M6 | affected |
15.6(3)M7 | affected |
15.6(3)M6a | affected |
15.6(3)M6b | affected |
15.6(3)M8 | affected |
15.6(3)M9 | affected |
15.5(1)SY2 | affected |
15.5(1)SY3 | affected |
15.5(1)SY4 | affected |
15.5(1)SY5 | affected |
15.5(1)SY6 | affected |
15.5(1)SY7 | affected |
15.5(1)SY8 | affected |
15.5(1)SY9 | affected |
15.5(1)SY10 | affected |
15.5(1)SY11 | affected |
15.5(1)SY12 | affected |
15.5(1)SY13 | affected |
15.5(1)SY14 | affected |
15.5(1)SY15 | affected |
15.7(3)M3 | affected |
15.7(3)M2 | affected |
15.7(3)M4 | affected |
15.7(3)M5 | affected |
15.7(3)M4a | affected |
15.7(3)M4b | affected |
15.7(3)M6 | affected |
15.7(3)M7 | affected |
15.7(3)M8 | affected |
15.7(3)M9 | affected |
15.8(3)M | affected |
15.8(3)M1 | affected |
15.8(3)M0a | affected |
15.8(3)M0b | affected |
15.8(3)M2 | affected |
15.8(3)M1a | affected |
15.8(3)M3 | affected |
15.8(3)M2a | affected |
15.8(3)M4 | affected |
15.8(3)M3a | affected |
15.8(3)M3b | affected |
15.8(3)M5 | affected |
15.8(3)M6 | affected |
15.8(3)M7 | affected |
15.8(3)M8 | affected |
15.8(3)M9 | affected |
15.9(3)M | affected |
15.9(3)M1 | affected |
15.9(3)M0a | affected |
15.9(3)M2 | affected |
15.9(3)M3 | affected |
15.9(3)M2a | affected |
15.9(3)M3a | affected |
15.9(3)M4 | affected |
15.9(3)M3b | affected |
15.9(3)M5 | affected |
15.9(3)M4a | affected |
15.9(3)M6 | affected |
15.9(3)M7 | affected |
15.9(3)M6a | affected |
15.9(3)M6b | affected |
15.9(3)M8 | affected |
15.9(3)M7a | affected |
15.9(3)M9 | affected |
15.9(3)M8b | affected |
15.9(3)M10 | affected |
15.9(3)M11 | affected |

Vendor: Cisco
Product: Cisco IOS XE Software

Version | Status |
---|---|
3.16.8S | affected |
3.16.9S | affected |
3.16.10S | affected |
3.8.6E | affected |
3.8.7E | affected |
3.8.8E | affected |
3.8.9E | affected |
3.8.10E | affected |
3.8.10eE | affected |
3.18.5SP | affected |
3.18.6SP | affected |
3.18.7SP | affected |
3.18.8aSP | affected |
3.18.9SP | affected |
16.6.5 | affected |
16.6.5a | affected |
16.6.6 | affected |
16.6.7 | affected |
16.6.8 | affected |
16.6.9 | affected |
16.6.10 | affected |
16.8.1 | affected |
16.8.1a | affected |
16.8.1b | affected |
16.8.1s | affected |
16.8.1c | affected |
16.8.1d | affected |
16.8.2 | affected |
16.8.1e | affected |
16.8.3 | affected |
16.9.1 | affected |
16.9.2 | affected |
16.9.1a | affected |
16.9.1b | affected |
16.9.1s | affected |
16.9.3 | affected |
16.9.4 | affected |
16.9.3a | affected |
16.9.5 | affected |
16.9.5f | affected |
16.9.6 | affected |
16.9.7 | affected |
16.9.8 | affected |
16.10.1 | affected |
16.10.1a | affected |
16.10.1b | affected |
16.10.1s | affected |
16.10.1c | affected |
16.10.1e | affected |
16.10.1d | affected |
16.10.2 | affected |
16.10.1f | affected |
16.10.1g | affected |
16.10.3 | affected |
3.10.1E | affected |
3.10.2E | affected |
3.10.3E | affected |
16.11.1 | affected |
16.11.1a | affected |
16.11.1b | affected |
16.11.2 | affected |
16.11.1s | affected |
16.12.1 | affected |
16.12.1s | affected |
16.12.1a | affected |
16.12.1c | affected |
16.12.1w | affected |
16.12.2 | affected |
16.12.1y | affected |
16.12.2a | affected |
16.12.3 | affected |
16.12.8 | affected |
16.12.2s | affected |
16.12.1x | affected |
16.12.1t | affected |
16.12.4 | affected |
16.12.3s | affected |
16.12.3a | affected |
16.12.4a | affected |
16.12.5 | affected |
16.12.6 | affected |
16.12.1z1 | affected |
16.12.5a | affected |
16.12.5b | affected |
16.12.1z2 | affected |
16.12.6a | affected |
16.12.7 | affected |
16.12.9 | affected |
16.12.10 | affected |
16.12.10a | affected |
16.12.11 | affected |
16.12.12 | affected |
16.12.13 | affected |
3.11.0E | affected |
3.11.1E | affected |
3.11.2E | affected |
3.11.3E | affected |
3.11.1aE | affected |
3.11.4E | affected |
3.11.3aE | affected |
3.11.5E | affected |
3.11.6E | affected |
3.11.7E | affected |
3.11.8E | affected |
3.11.9E | affected |
3.11.10E | affected |
3.11.11E | affected |
3.11.12E | affected |
17.1.1 | affected |
17.1.1a | affected |
17.1.1s | affected |
17.1.1t | affected |
17.1.3 | affected |
17.2.1 | affected |
17.2.1r | affected |
17.2.1a | affected |
17.2.1v | affected |
17.2.2 | affected |
17.2.3 | affected |
17.3.1 | affected |
17.3.2 | affected |
17.3.3 | affected |
17.3.1a | affected |
17.3.1w | affected |
17.3.2a | affected |
17.3.1x | affected |
17.3.1z | affected |
17.3.4 | affected |
17.3.5 | affected |
17.3.4a | affected |
17.3.6 | affected |
17.3.4b | affected |
17.3.4c | affected |
17.3.5a | affected |
17.3.5b | affected |
17.3.7 | affected |
17.3.8 | affected |
17.3.8a | affected |
17.4.1 | affected |
17.4.2 | affected |
17.4.1a | affected |
17.4.1b | affected |
17.4.2a | affected |
17.5.1 | affected |
17.5.1a | affected |
17.6.1 | affected |
17.6.2 | affected |
17.6.1w | affected |
17.6.1a | affected |
17.6.1x | affected |
17.6.3 | affected |
17.6.1y | affected |
17.6.1z | affected |
17.6.3a | affected |
17.6.4 | affected |
17.6.1z1 | affected |
17.6.5 | affected |
17.6.6 | affected |
17.6.6a | affected |
17.6.5a | affected |
17.6.7 | affected |
17.6.8 | affected |
17.6.8a | affected |
17.7.1 | affected |
17.7.1a | affected |
17.7.1b | affected |
17.7.2 | affected |
17.10.1 | affected |
17.10.1a | affected |
17.10.1b | affected |
17.8.1 | affected |
17.8.1a | affected |
17.9.1 | affected |
17.9.1w | affected |
17.9.2 | affected |
17.9.1a | affected |
17.9.1x | affected |
17.9.1y | affected |
17.9.3 | affected |
17.9.2a | affected |
17.9.1x1 | affected |
17.9.3a | affected |
17.9.4 | affected |
17.9.1y1 | affected |
17.9.5 | affected |
17.9.4a | affected |
17.9.5a | affected |
17.9.5b | affected |
17.9.6 | affected |
17.9.6a | affected |
17.9.7 | affected |
17.9.5e | affected |
17.9.5f | affected |
17.9.7a | affected |
17.9.7b | affected |
17.11.1 | affected |
17.11.1a | affected |
17.12.1 | affected |
17.12.1w | affected |
17.12.1a | affected |
17.12.1x | affected |
17.12.2 | affected |
17.12.3 | affected |
17.12.2a | affected |
17.12.1y | affected |
17.12.1z | affected |
17.12.4 | affected |
17.12.3a | affected |
17.12.1z1 | affected |
17.12.1z2 | affected |
17.12.4a | affected |
17.12.5 | affected |
17.12.4b | affected |
17.12.1z3 | affected |
17.12.5a | affected |
17.12.1z4 | affected |
17.12.5b | affected |
17.12.5c | affected |
17.13.1 | affected |
17.13.1a | affected |
17.14.1 | affected |
17.14.1a | affected |
17.11.99SW | affected |
17.15.1 | affected |
17.15.1w | affected |
17.15.1a | affected |
17.15.2 | affected |
17.15.1b | affected |
17.15.1x | affected |
17.15.1z | affected |
17.15.3 | affected |
17.15.2c | affected |
17.15.2a | affected |
17.15.1y | affected |
17.15.2b | affected |
17.15.3a | affected |
17.15.3b | affected |

No CISA KEV or CERT.AT warning was found for this CVE.

Type | Source | Score | Percentile |
---|---|---|---|
EPSS | FIRST.org | 0.08% | 0.251 |

Source | Base Score | Exploit Score | Impact Score | Vector String |
---|---|---|---|---|
psirt@cisco.com | 8.1 | 2.2 | 5.9 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |

CWE-287 Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.