BDU:2025-11712

Published: 24 Sep 2025
Source: fstec
CVSS3: 5.3
CVSS2: 5
EPSS: Low

Description

A vulnerability in the Cisco IOS XE operating systems of the Catalyst 9800 network device is caused by incomplete cleanup of temporary or supporting resources. Exploitation of the vulnerability could allow a remote attacker to gain access to the controller.

Vendor

Cisco Systems Inc.

Software name

Catalyst 9800

Software version

- (Catalyst 9800)

Software type

Network device

Operating systems and hardware platforms

Cisco Systems Inc. Cisco IOS XE 16.10.1
Cisco Systems Inc. Cisco IOS XE 16.12.1
Cisco Systems Inc. Cisco IOS XE 16.10.1s
Cisco Systems Inc. Cisco IOS XE 16.10.1e
Cisco Systems Inc. Cisco IOS XE 16.11.1
Cisco Systems Inc. Cisco IOS XE 16.11.1a
Cisco Systems Inc. Cisco IOS XE 16.11.1b
Cisco Systems Inc. Cisco IOS XE 16.11.1c
Cisco Systems Inc. Cisco IOS XE 16.12.1s
Cisco Systems Inc. Cisco IOS XE 16.12.1t
Cisco Systems Inc. Cisco IOS XE 17.2.1
Cisco Systems Inc. Cisco IOS XE 17.1.1
Cisco Systems Inc. Cisco IOS XE 16.12.2s
Cisco Systems Inc. Cisco IOS XE 16.12.2t
Cisco Systems Inc. Cisco IOS XE 16.12.4
Cisco Systems Inc. Cisco IOS XE 16.12.3s
Cisco Systems Inc. Cisco IOS XE 16.12.4a
Cisco Systems Inc. Cisco IOS XE 17.1.1s
Cisco Systems Inc. Cisco IOS XE 17.1.2
Cisco Systems Inc. Cisco IOS XE 17.1.1t
Cisco Systems Inc. Cisco IOS XE 17.1.3
Cisco Systems Inc. Cisco IOS XE 17.2.1a
Cisco Systems Inc. Cisco IOS XE 17.3.1
Cisco Systems Inc. Cisco IOS XE 17.6.1
Cisco Systems Inc. Cisco IOS XE 17.9.1
Cisco Systems Inc. Cisco IOS XE 17.11.1
Cisco Systems Inc. Cisco IOS XE 17.12.1
Cisco Systems Inc. Cisco IOS XE 17.10.1
Cisco Systems Inc. Cisco IOS XE 16.12.3
Cisco Systems Inc. Cisco IOS XE 16.12.8
Cisco Systems Inc. Cisco IOS XE 16.12.5
Cisco Systems Inc. Cisco IOS XE 16.12.6
Cisco Systems Inc. Cisco IOS XE 16.12.6a
Cisco Systems Inc. Cisco IOS XE 16.12.7
Cisco Systems Inc. Cisco IOS XE 17.8.1
Cisco Systems Inc. Cisco IOS XE 17.9.2
Cisco Systems Inc. Cisco IOS XE 17.9.3
Cisco Systems Inc. Cisco IOS XE 17.9.4
Cisco Systems Inc. Cisco IOS XE 17.9.4a
Cisco Systems Inc. Cisco IOS XE 17.7.1
Cisco Systems Inc. Cisco IOS XE 17.6.5a
Cisco Systems Inc. Cisco IOS XE 17.6.6a
Cisco Systems Inc. Cisco IOS XE 17.6.6
Cisco Systems Inc. Cisco IOS XE 17.6.2
Cisco Systems Inc. Cisco IOS XE 17.6.3
Cisco Systems Inc. Cisco IOS XE 17.6.4
Cisco Systems Inc. Cisco IOS XE 17.6.5
Cisco Systems Inc. Cisco IOS XE 17.3.2
Cisco Systems Inc. Cisco IOS XE 17.3.3
Cisco Systems Inc. Cisco IOS XE 17.3.2a
Cisco Systems Inc. Cisco IOS XE 17.3.4
Cisco Systems Inc. Cisco IOS XE 17.3.5
Cisco Systems Inc. Cisco IOS XE 17.3.6
Cisco Systems Inc. Cisco IOS XE 17.3.4c
Cisco Systems Inc. Cisco IOS XE 17.3.5a
Cisco Systems Inc. Cisco IOS XE 17.3.5b
Cisco Systems Inc. Cisco IOS XE 17.3.7
Cisco Systems Inc. Cisco IOS XE 17.3.8
Cisco Systems Inc. Cisco IOS XE 17.3.8a
Cisco Systems Inc. Cisco IOS XE 17.4.1
Cisco Systems Inc. Cisco IOS XE 17.5.1
Cisco Systems Inc. Cisco IOS XE 17.12.2
Cisco Systems Inc. Cisco IOS XE 17.13.1
Cisco Systems Inc. Cisco IOS XE 17.6.7
Cisco Systems Inc. Cisco IOS XE 17.6.8

Vulnerability severity level

Medium severity (CVSS 2.0 base score is 5)
Medium severity (CVSS 3.1 base score is 5.3)

Possible remediation measures

Follow the vendor's recommendations:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-9800cl-openscep-SB4xtxzP

Vulnerability status

Confirmed by the vendor

Exploit availability

Information is being clarified

Remediation information

Vulnerability fixed

Identifiers in other vulnerability description systems

EPSS

Percentile: 7%
0.00028
Low

5.3 Medium

CVSS3

5 Medium

CVSS2

Related vulnerabilities

CVSS3: 5.3
nvd
5 months ago

A vulnerability in the Day One setup process of Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers for Cloud (9800-CL) could allow an unauthenticated, remote attacker to access the public-key infrastructure (PKI) server that is running on an affected device. This vulnerability is due to incomplete cleanup upon completion of the Day One setup process. An attacker could exploit this vulnerability by sending Simple Certificate Enrollment Protocol (SCEP) requests to an affected device. A successful exploit could allow the attacker to request a certificate from the virtual wireless controller and then use the acquired certificate to join an attacker-controlled device to the virtual wireless controller.

CVSS3: 5.3
github
5 months ago

A vulnerability in the Day One setup process of Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers for Cloud (9800-CL) could allow an unauthenticated, remote attacker to access the public-key infrastructure (PKI) server that is running on an affected device. This vulnerability is due to incomplete cleanup upon completion of the Day One setup process. An attacker could exploit this vulnerability by sending Simple Certificate Enrollment Protocol (SCEP) requests to an affected device. A successful exploit could allow the attacker to request a certificate from the virtual wireless controller and then use the acquired certificate to join an attacker-controlled device to the virtual wireless controller.
