Approved changes feed: RSS · Atom

cpe:2.3:o:cisco:ios:15.2\(4\)m8:*:*:*:*:*:*:*

part: o version: 15.2(4)m8 update: *

VendorCisco (e1b3baff-aaf9-56a6-a68a-41e28ce616a5)
ProductIos (335bd590-b988-5d63-a96b-6de17994d578)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2025-20352 vulnerable 2026-06-08 07:08:48.350875 Details available
HIGH (7.7)
A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow the following: An authenticated, remote attacker with low privileges could cause a denial of service (DoS) condition on an affected device that is running Cisco IOS Software or Cisco IOS XE Software. To cause the DoS, the attacker must have the SNMPv2c or earlier read-only community string or valid SNMPv3 user credentials. An authenticated, remote attacker with high privileges could execute code as the root user on an affected device that is running Cisco IOS XE Software. To execute code as the root user, the attacker must have the SNMPv1 or v2c read-only community string or valid SNMPv3 user credentials and administrative or privilege 15 credentials on the affected device. An attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device over IPv4 or IPv6 networks. This vulnerability is due to a stack overflow condition in the SNMP subsystem of the affected software. A successful exploit could allow a low-privileged attacker to cause the affected system to reload, resulting in a DoS condition, or allow a high-privileged attacker to execute arbitrary code as the root user and obtain full control of the affected system. Note: This vulnerability affects all versions of SNMP.
Published: 2025-09-24T17:10:42.891Z
Updated: 2026-02-26T17:48:03.098Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-20175 vulnerable 2026-06-08 07:08:45.253733 Details available
HIGH (7.7)
A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition.  This vulnerability affects SNMP versions 1, 2c, and 3. To exploit this vulnerability through SNMP v2c or earlier, the attacker must know a valid read-write or read-only SNMP community string for the affected system. To exploit this vulnerability through SNMP v3, the attacker must have valid SNMP user credentials for the affected system.
Published: 2025-02-05T16:39:51.163Z
Updated: 2025-02-05T16:54:57.276Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-20173 vulnerable 2026-06-08 07:08:45.101656 Details available
HIGH (7.7)
A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition.  This vulnerability affects SNMP versions 1, 2c, and 3. To exploit this vulnerability through SNMP v2c or earlier, the attacker must know a valid read-write or read-only SNMP community string for the affected system. To exploit this vulnerability through SNMP v3, the attacker must have valid SNMP user credentials for the affected system.
Published: 2025-02-05T16:35:23.109Z
Updated: 2025-03-13T12:59:55.686Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-20172 vulnerable 2026-06-08 07:08:44.862141 Details available
HIGH (7.7)
A vulnerability in the SNMP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. For Cisco IOS and IOS XE Software, a successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition. For Cisco IOS XR Software, a successful exploit could allow the attacker to cause the SNMP process to restart, resulting in an interrupted SNMP response from an affected device. Devices that are running Cisco IOS XR Software will not reload.  This vulnerability affects SNMP versions 1, 2c, and 3. To exploit this vulnerability through SNMP v2c or earlier, the attacker must know a valid read-write or read-only SNMP community string for the affected system. To exploit this vulnerability through SNMP v3, the attacker must have valid SNMP user credentials for the affected system.
Published: 2025-02-05T16:37:29.828Z
Updated: 2025-03-13T12:58:43.080Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-20171 vulnerable 2026-06-08 07:08:43.957633 Details available
HIGH (7.7)
A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition.  This vulnerability affects SNMP versions 1, 2c, and 3. To exploit this vulnerability through SNMP v2c or earlier, the attacker must know a valid read-write or read-only SNMP community string for the affected system. To exploit this vulnerability through SNMP v3, the attacker must have valid SNMP user credentials for the affected system.
Published: 2025-02-05T16:38:46.229Z
Updated: 2025-03-13T15:06:38.137Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-20170 vulnerable 2026-06-08 07:08:43.781617 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-20169 vulnerable 2026-06-08 07:08:42.838931 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-20433 vulnerable 2026-06-08 06:27:27.516564 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-20312 vulnerable 2026-06-08 06:27:22.221930 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-20308 vulnerable 2026-06-08 06:27:21.557222 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-20186 vulnerable 2026-06-08 05:52:41.318502 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-20109 vulnerable 2026-06-08 05:52:40.086879 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2023-20080 vulnerable 2026-06-08 05:52:39.019992 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-20920 vulnerable 2026-06-08 05:39:57.016805 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34705 vulnerable 2026-06-08 05:32:15.803723 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-3230 vulnerable 2026-06-08 05:25:54.079000 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-3204 vulnerable 2026-06-08 05:25:53.373823 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-3201 vulnerable 2026-06-08 05:25:53.143868 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-3200 vulnerable 2026-06-08 05:25:51.875364 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2019-1761 vulnerable 2026-06-08 05:13:29.020000 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2019-1752 vulnerable 2026-06-08 05:13:28.414346 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2019-1737 vulnerable 2026-06-08 05:13:27.337332 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2017-6770 vulnerable 2026-06-08 05:09:54.674915 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2017-6744 vulnerable 2026-06-08 05:09:52.597233 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2017-3863 vulnerable 2026-06-08 05:09:37.681882 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2017-3862 vulnerable 2026-06-08 05:09:37.668943 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2017-3861 vulnerable 2026-06-08 05:09:37.657559 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2017-3860 vulnerable 2026-06-08 05:09:37.609127 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2017-12228 vulnerable 2026-06-08 05:08:45.685423 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-6392 vulnerable 2026-06-08 05:08:02.020368 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-6381 vulnerable 2026-06-08 05:08:01.867531 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-6380 vulnerable 2026-06-08 05:08:01.732797 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-1409 vulnerable 2026-06-08 05:07:30.988024 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.