Approved changes feed: RSS · Atom

cpe:2.3:o:cisco:ios:12.4\(25e\)jap1n:*:*:*:*:*:*:*

part: o version: 12.4(25e)jap1n update: *

VendorCisco (e1b3baff-aaf9-56a6-a68a-41e28ce616a5)
ProductIos (335bd590-b988-5d63-a96b-6de17994d578)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2025-20170 vulnerable 2026-06-08 07:08:43.744655 Details available
HIGH (7.7)
A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition.  This vulnerability affects SNMP versions 1, 2c, and 3. To exploit this vulnerability through SNMP v2c or earlier, the attacker must know a valid read-write or read-only SNMP community string for the affected system. To exploit this vulnerability through SNMP v3, the attacker must have valid SNMP user credentials for the affected system.
Published: 2025-02-05T16:39:11.660Z
Updated: 2025-02-05T16:56:20.675Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-20169 vulnerable 2026-06-08 07:08:42.497879 Details available
HIGH (7.7)
A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition.  This vulnerability affects SNMP versions 1, 2c, and 3. To exploit this vulnerability through SNMP v2c or earlier, the attacker must know a valid read-write or read-only SNMP community string for the affected system. To exploit this vulnerability through SNMP v3, the attacker must have valid SNMP user credentials for the affected system.
Published: 2025-02-05T16:40:24.267Z
Updated: 2025-02-05T16:52:06.424Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-34705 vulnerable 2026-06-08 05:32:15.674083 Cisco IOS and IOS XE Software FXO Interface Destination Pattern Bypass Vulnerability
MEDIUM (5.3)
A vulnerability in the Voice Telephony Service Provider (VTSP) service of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass configured destination patterns and dial arbitrary numbers. This vulnerability is due to insufficient validation of dial strings at Foreign Exchange Office (FXO) interfaces. An attacker could exploit this vulnerability by sending a malformed dial string to an affected device via either the ISDN protocol or SIP. A successful exploit could allow the attacker to conduct toll fraud, resulting in unexpected financial impact to affected customers.
Published: 2021-09-23T02:26:09.005Z
Updated: 2024-09-16T18:33:27.582Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2017-12228 vulnerable 2026-06-08 05:08:45.596568 Details available
A vulnerability in the Cisco Network Plug and Play application of Cisco IOS 12.4 through 15.6 and Cisco IOS XE 3.3 through 16.4 could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data by using an invalid certificate. The vulnerability is due to insufficient certificate validation by the affected software. An attacker could exploit this vulnerability by supplying a crafted certificate to an affected device. A successful exploit could allow the attacker to conduct man-in-the-middle attacks to decrypt confidential information on user connections to the affected software. Cisco Bug IDs: CSCvc33171.
Published: 2017-09-28T07:00:00.000Z
Updated: 2024-08-05T18:28:16.694Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-1409 vulnerable 2026-06-08 05:07:30.786441 Details available
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS XE 2.1 through 3.17S, IOS XR 2.0.0 through 5.3.2, and NX-OS allows remote attackers to cause a denial of service (packet-processing outage) via crafted ND messages, aka Bug ID CSCuz66542, as exploited in the wild in May 2016.
Published: 2016-05-29T22:00:00.000Z
Updated: 2024-08-05T22:55:14.367Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.