Ixia Vision Product Family
Approved changes feed: RSS · Atom
cpe:2.3:a:keysight:ixia_vision_product_family:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Keysight (874b7097-5e29-5e4f-b5af-f7aeb0f6109c) |
|---|---|
| Product | Ixia Vision Product Family (78c44dc8-39a0-5c00-810a-0229e8d9eb05) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-24525 |
vulnerable | 2026-06-03 14:59:56.247423 |
Keysight Ixia Vision Product Family Use of Hard-coded Cryptographic Key
HIGH (7.5)
Keysight Ixia Vision has an issue with hardcoded cryptographic material
which may allow an attacker to intercept or decrypt payloads sent to the
device via API calls or user authentication if the end user does not
replace the TLS certificate that shipped with the device. Remediation is
available in Version 6.9.1, released on September 23, 2025.
Published: 2025-09-30T23:04:14.688Z
Updated: 2025-10-01T15:02:51.427Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-24521 |
vulnerable | 2026-06-03 14:59:56.241180 |
Keysight Ixia Vision Product Family Improper Restriction of XML External Entity Reference
MEDIUM (4.9)
External XML entity injection allows arbitrary download of files. The
score without least privilege principle violation is as calculated
below. In combination with other issues it may facilitate further
compromise of the device. Remediation in Version 6.8.0, release date:
01-Mar-25.
Published: 2025-03-05T15:17:23.659Z
Updated: 2025-03-06T21:57:07.875Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-24494 |
vulnerable | 2026-06-03 14:59:56.196957 |
Keysight Ixia Vision Product Family Path Traversal
HIGH (7.2)
Path traversal may allow remote code execution using privileged account
(requires device admin account, cannot be performed by a regular user).
In combination with the 'Upload' functionality this could be used to
execute an arbitrary script or possibly an uploaded binary. Remediation
in Version 6.7.0, release date: 20-Oct-24.
Published: 2025-03-05T15:15:19.986Z
Updated: 2025-03-05T16:09:05.368Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-23416 |
vulnerable | 2026-06-03 14:59:42.485394 |
Keysight Ixia Vision Product Family Path Traversal
MEDIUM (4.9)
Path traversal may lead to arbitrary file deletion. The score without
least privilege principle violation is as calculated below. In
combination with other issues it may facilitate further compromise of
the device. Remediation in Version 6.8.0, release date: 01-Mar-25.
Published: 2025-03-05T15:21:16.261Z
Updated: 2025-03-05T16:23:35.837Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-21095 |
vulnerable | 2026-06-03 14:59:17.261880 |
Keysight Ixia Vision Product Family Path Traversal
MEDIUM (4.9)
Path traversal may lead to arbitrary file download. The score without
least privilege principle violation is as calculated below. In
combination with other issues it may facilitate further compromise of
the device. Remediation in Version 6.8.0, release date: 01-Mar-25.
Published: 2025-03-05T15:19:16.713Z
Updated: 2025-03-06T21:57:46.909Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.