CVE-2025-20195

A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform a CSRF attack and execute commands on the CLI of an affected device.

This vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading an already authenticated user to follow a crafted link. A successful exploit could allow the attacker to clear the syslog, parser, and licensing logs on the affected device if the targeted user has privileges to clear those logs.

Published: May 7, 2025
Updated: May 8, 2025
CVE: CVE-2025-20195
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.3
AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

CWEs:

CWE-352

Affected Software
References

Software	From	Fixed in
cisco / ios_xe	16.2.1	16.2.1.x
cisco / ios_xe	16.1.3	16.1.3.x
cisco / ios_xe	16.1.2	16.1.2.x
cisco / ios_xe	16.6.1	16.6.1.x
cisco / ios_xe	16.1.1	16.1.1.x
cisco / ios_xe	16.4.1	16.4.1.x
cisco / ios_xe	16.2.2	16.2.2.x
cisco / ios_xe	16.3.1	16.3.1.x
cisco / ios_xe	16.3.2	16.3.2.x
cisco / ios_xe	16.3.3	16.3.3.x
cisco / ios_xe	16.3.1a	16.3.1a.x
cisco / ios_xe	16.3.4	16.3.4.x
cisco / ios_xe	16.3.5b	16.3.5b.x
cisco / ios_xe	16.3.6	16.3.6.x
cisco / ios_xe	16.4.2	16.4.2.x
cisco / ios_xe	16.5.1	16.5.1.x
cisco / ios_xe	16.5.1a	16.5.1a.x
cisco / ios_xe	16.5.1b	16.5.1b.x
cisco / ios_xe	16.3.5	16.3.5.x
cisco / ios_xe	16.3.7	16.3.7.x
cisco / ios_xe	16.3.8	16.3.8.x
cisco / ios_xe	16.4.3	16.4.3.x
cisco / ios_xe	16.5.2	16.5.2.x
cisco / ios_xe	16.5.3	16.5.3.x
cisco / ios_xe	16.6.2	16.6.2.x
cisco / ios_xe	16.6.3	16.6.3.x
cisco / ios_xe	16.7.1	16.7.1.x
cisco / ios_xe	16.7.1a	16.7.1a.x
cisco / ios_xe	16.7.1b	16.7.1b.x
cisco / ios_xe	16.7.2	16.7.2.x
cisco / ios_xe	16.7.3	16.7.3.x
cisco / ios_xe	16.8.1	16.8.1.x
cisco / ios_xe	16.8.1a	16.8.1a.x
cisco / ios_xe	16.8.1b	16.8.1b.x
cisco / ios_xe	16.8.1s	16.8.1s.x
cisco / ios_xe	16.8.1c	16.8.1c.x
cisco / ios_xe	16.8.1d	16.8.1d.x
cisco / ios_xe	16.8.2	16.8.2.x
cisco / ios_xe	16.8.1e	16.8.1e.x
cisco / ios_xe	16.9.1	16.9.1.x
cisco / ios_xe	16.9.1b	16.9.1b.x
cisco / ios_xe	16.9.1s	16.9.1s.x
cisco / ios_xe	16.3.9	16.3.9.x
cisco / ios_xe	16.3.10	16.3.10.x
cisco / ios_xe	16.6.4	16.6.4.x
cisco / ios_xe	16.6.5	16.6.5.x
cisco / ios_xe	16.6.4a	16.6.4a.x
cisco / ios_xe	16.6.5a	16.6.5a.x
cisco / ios_xe	16.6.6	16.6.6.x
cisco / ios_xe	16.6.7	16.6.7.x
cisco / ios_xe	16.6.8	16.6.8.x
cisco / ios_xe	16.7.4	16.7.4.x
cisco / ios_xe	16.8.3	16.8.3.x
cisco / ios_xe	16.9.2	16.9.2.x
cisco / ios_xe	16.9.1a	16.9.1a.x
cisco / ios_xe	16.9.3	16.9.3.x
cisco / ios_xe	16.9.4	16.9.4.x
cisco / ios_xe	16.9.3a	16.9.3a.x
cisco / ios_xe	16.9.5	16.9.5.x
cisco / ios_xe	16.9.5f	16.9.5f.x
cisco / ios_xe	16.10.1	16.10.1.x
cisco / ios_xe	16.10.1a	16.10.1a.x
cisco / ios_xe	16.10.1b	16.10.1b.x
cisco / ios_xe	16.10.1s	16.10.1s.x
cisco / ios_xe	16.10.1c	16.10.1c.x
cisco / ios_xe	16.10.1e	16.10.1e.x
cisco / ios_xe	16.10.1d	16.10.1d.x
cisco / ios_xe	16.10.2	16.10.2.x
cisco / ios_xe	16.10.1f	16.10.1f.x
cisco / ios_xe	16.10.1g	16.10.1g.x
cisco / ios_xe	16.10.3	16.10.3.x
cisco / ios_xe	16.11.1	16.11.1.x
cisco / ios_xe	16.11.1a	16.11.1a.x
cisco / ios_xe	16.11.1b	16.11.1b.x
cisco / ios_xe	16.11.2	16.11.2.x
cisco / ios_xe	16.11.1s	16.11.1s.x
cisco / ios_xe	16.12.1	16.12.1.x
cisco / ios_xe	16.12.1s	16.12.1s.x
cisco / ios_xe	16.12.1a	16.12.1a.x
cisco / ios_xe	16.12.1c	16.12.1c.x
cisco / ios_xe	16.12.1w	16.12.1w.x
cisco / ios_xe	16.12.2	16.12.2.x
cisco / ios_xe	16.12.1y	16.12.1y.x
cisco / ios_xe	16.12.2a	16.12.2a.x
cisco / ios_xe	16.12.3	16.12.3.x
cisco / ios_xe	16.12.8	16.12.8.x
cisco / ios_xe	16.12.1x	16.12.1x.x
cisco / ios_xe	16.12.1t	16.12.1t.x
cisco / ios_xe	16.12.4	16.12.4.x
cisco / ios_xe	17.1.1	17.1.1.x
cisco / ios_xe	16.3.11	16.3.11.x
cisco / ios_xe	16.6.9	16.6.9.x
cisco / ios_xe	16.6.10	16.6.10.x
cisco / ios_xe	16.9.6	16.9.6.x
cisco / ios_xe	16.9.7	16.9.7.x
cisco / ios_xe	16.9.8	16.9.8.x
cisco / ios_xe	16.12.2s	16.12.2s.x
cisco / ios_xe	16.12.3s	16.12.3s.x
cisco / ios_xe	16.12.3a	16.12.3a.x
cisco / ios_xe	16.12.4a	16.12.4a.x
cisco / ios_xe	16.12.5	16.12.5.x
cisco / ios_xe	16.12.6	16.12.6.x
cisco / ios_xe	16.12.1z1	16.12.1z1.x
cisco / ios_xe	16.12.5a	16.12.5a.x
cisco / ios_xe	16.12.5b	16.12.5b.x
cisco / ios_xe	16.12.1z2	16.12.1z2.x
cisco / ios_xe	16.12.6a	16.12.6a.x
cisco / ios_xe	16.12.7	16.12.7.x
cisco / ios_xe	16.12.9	16.12.9.x
cisco / ios_xe	17.1.1a	17.1.1a.x
cisco / ios_xe	17.1.1s	17.1.1s.x
cisco / ios_xe	17.1.1t	17.1.1t.x
cisco / ios_xe	17.1.3	17.1.3.x
cisco / ios_xe	17.2.1	17.2.1.x
cisco / ios_xe	17.2.1r	17.2.1r.x
cisco / ios_xe	17.2.1a	17.2.1a.x
cisco / ios_xe	17.2.1v	17.2.1v.x
cisco / ios_xe	17.2.2	17.2.2.x
cisco / ios_xe	17.2.3	17.2.3.x
cisco / ios_xe	17.3.1	17.3.1.x
cisco / ios_xe	17.3.2	17.3.2.x
cisco / ios_xe	17.3.3	17.3.3.x
cisco / ios_xe	17.3.1a	17.3.1a.x
cisco / ios_xe	17.3.1w	17.3.1w.x
cisco / ios_xe	17.3.2a	17.3.2a.x
cisco / ios_xe	17.3.1x	17.3.1x.x
cisco / ios_xe	17.3.1z	17.3.1z.x
cisco / ios_xe	17.3.4	17.3.4.x
cisco / ios_xe	17.3.5	17.3.5.x
cisco / ios_xe	17.3.4a	17.3.4a.x
cisco / ios_xe	17.3.6	17.3.6.x
cisco / ios_xe	17.3.4b	17.3.4b.x
cisco / ios_xe	17.3.4c	17.3.4c.x
cisco / ios_xe	17.3.5a	17.3.5a.x
cisco / ios_xe	17.3.5b	17.3.5b.x
cisco / ios_xe	17.3.7	17.3.7.x
cisco / ios_xe	17.4.1	17.4.1.x
cisco / ios_xe	17.4.2	17.4.2.x
cisco / ios_xe	17.4.1a	17.4.1a.x
cisco / ios_xe	17.4.1b	17.4.1b.x
cisco / ios_xe	17.4.2a	17.4.2a.x
cisco / ios_xe	17.5.1	17.5.1.x
cisco / ios_xe	17.5.1a	17.5.1a.x
cisco / ios_xe	17.6.1	17.6.1.x
cisco / ios_xe	17.6.2	17.6.2.x
cisco / ios_xe	17.6.1w	17.6.1w.x
cisco / ios_xe	17.6.1a	17.6.1a.x
cisco / ios_xe	17.6.1x	17.6.1x.x
cisco / ios_xe	17.6.3	17.6.3.x
cisco / ios_xe	17.6.1y	17.6.1y.x
cisco / ios_xe	17.6.1z	17.6.1z.x
cisco / ios_xe	17.6.3a	17.6.3a.x
cisco / ios_xe	17.6.4	17.6.4.x
cisco / ios_xe	17.6.1z1	17.6.1z1.x
cisco / ios_xe	17.6.5	17.6.5.x
cisco / ios_xe	17.6.5a	17.6.5a.x
cisco / ios_xe	17.7.1	17.7.1.x
cisco / ios_xe	17.7.1a	17.7.1a.x
cisco / ios_xe	17.7.1b	17.7.1b.x
cisco / ios_xe	17.7.2	17.7.2.x
cisco / ios_xe	17.10.1	17.10.1.x
cisco / ios_xe	17.10.1a	17.10.1a.x
cisco / ios_xe	17.10.1b	17.10.1b.x
cisco / ios_xe	17.8.1	17.8.1.x
cisco / ios_xe	17.8.1a	17.8.1a.x
cisco / ios_xe	17.9.1	17.9.1.x
cisco / ios_xe	17.9.1w	17.9.1w.x
cisco / ios_xe	17.9.2	17.9.2.x
cisco / ios_xe	17.9.1a	17.9.1a.x
cisco / ios_xe	17.9.1x	17.9.1x.x
cisco / ios_xe	17.9.1y	17.9.1y.x
cisco / ios_xe	17.9.3	17.9.3.x
cisco / ios_xe	17.9.2a	17.9.2a.x
cisco / ios_xe	17.9.1x1	17.9.1x1.x
cisco / ios_xe	17.9.3a	17.9.3a.x
cisco / ios_xe	17.9.1y1	17.9.1y1.x
cisco / ios_xe	17.11.1	17.11.1.x
cisco / ios_xe	17.11.1a	17.11.1a.x
cisco / ios_xe	17.12.1x	17.12.1x.x
cisco / ios_xe	17.12.2	17.12.2.x
cisco / ios_xe	17.12.3	17.12.3.x
cisco / ios_xe	17.12.2a	17.12.2a.x
cisco / ios_xe	17.12.1y	17.12.1y.x
cisco / ios_xe	17.13.1	17.13.1.x
cisco / ios_xe	17.13.1a	17.13.1a.x
cisco / ios_xe	17.11.99sw	17.11.99sw.x
cisco / ios_xe	16.12.10	16.12.10.x
cisco / ios_xe	16.12.10a	16.12.10a.x
cisco / ios_xe	16.12.11	16.12.11.x
cisco / ios_xe	16.12.12	16.12.12.x
cisco / ios_xe	17.3.8	17.3.8.x
cisco / ios_xe	17.3.8a	17.3.8a.x
cisco / ios_xe	17.6.6	17.6.6.x
cisco / ios_xe	17.6.6a	17.6.6a.x
cisco / ios_xe	17.6.7	17.6.7.x
cisco / ios_xe	17.9.4	17.9.4.x
cisco / ios_xe	17.9.5	17.9.5.x
cisco / ios_xe	17.9.4a	17.9.4a.x
cisco / ios_xe	17.9.5a	17.9.5a.x
cisco / ios_xe	17.9.5b	17.9.5b.x
cisco / ios_xe	17.9.5e	17.9.5e.x
cisco / ios_xe	17.9.5f	17.9.5f.x
cisco / ios_xe	17.12.1	17.12.1.x
cisco / ios_xe	17.12.1w	17.12.1w.x
cisco / ios_xe	17.12.1a	17.12.1a.x
cisco / ios_xe	17.12.1z	17.12.1z.x
cisco / ios_xe	17.12.3a	17.12.3a.x
cisco / ios_xe	17.12.1z1	17.12.1z1.x
cisco / ios_xe	17.14.1	17.14.1.x
cisco / ios_xe	17.14.1a	17.14.1a.x

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-multi-ARNHM4v6

Vulnerability Database

CVE-2025-20195