May 9, 2025
Severity
Medium
Analysis Summary
CVE-2025-20204 CVSS:4.8
Cisco Identity Services Engine (ISE) is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed.
CVE-2025-20205 CVSS:4.8
Cisco Identity Services Engine (ISE) is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed.
CVE-2025-20207 CVSS:4.3
Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, remote attacker to obtain sensitive information. The affected software does not protect confidential information at rest that is included in responses to SNMP poll requests, so an attacker able to poll the device over SNMP can read it. The CVSS vector (PR:L) reflects that SNMP access is required.
CVE-2025-20199 CVSS:4.6
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device.
CVE-2025-20200 CVSS:6.7
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device.
CVE-2025-20191 CVSS:7.4
A vulnerability in the Switch Integrated Security Features (SISF) of Cisco IOS Software, Cisco IOS XE Software, Cisco NX-OS Software, and Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device.
CVE-2025-20192 CVSS:7.7
A vulnerability in the Internet Key Exchange version 1 (IKEv1) implementation of Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The attacker must have valid IKEv1 VPN credentials to exploit this vulnerability.
CVE-2025-20193 CVSS:6.7
A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an authenticated, low-privileged, remote attacker to perform an injection attack against an affected device.
CVE-2025-20194 CVSS:5.4
A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an authenticated, low-privileged, remote attacker to perform an injection attack against an affected device.
CVE-2025-20195 CVSS:4.3
A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform a CSRF attack and execute commands on the CLI of an affected device.
CVE-2025-20196 CVSS:5.3
A vulnerability in the Cisco IOx application hosting environment of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the Cisco IOx application hosting environment to stop responding, resulting in a denial of service (DoS) condition.
Impact
- Code Execution
- Denial of Service
- Cross-Site Scripting
- Cross-Site Request Forgery
- Privilege Escalation
- Information Disclosure
Indicators of Compromise
CVE
- CVE-2025-20204
- CVE-2025-20205
- CVE-2025-20207
- CVE-2025-20199
- CVE-2025-20200
- CVE-2025-20191
- CVE-2025-20192
- CVE-2025-20193
- CVE-2025-20194
- CVE-2025-20195
- CVE-2025-20196
Affected Vendors
- Cisco
Affected Products
- Cisco IOS Software
- Cisco IOS XE Software
- Cisco NX-OS Software
- Cisco Wireless LAN Controller (WLC) AireOS Software
- Cisco Identity Services Engine (ISE)
- Cisco Secure Email and Web Manager
- Cisco Secure Email Gateway
- Cisco Secure Web Appliance
Remediation
Refer to the Cisco Security Advisories (https://sec.cloudapps.cisco.com/security/center/publicationListing.x) for the fixed releases, upgrade paths and any workarounds Cisco has published for each CVE above; for IOS, IOS XE and NX-OS, the Cisco Software Checker (https://sec.cloudapps.cisco.com/security/center/softwarechecker.x) reports whether a specific running release is affected. Until devices are upgraded, reduce exposure of the attack surfaces these issues live in: restrict the IOS XE web-based management interface, SNMP polling and the IOx hosting environment to trusted management networks, and treat IKEv1 VPN credentials as sensitive, since CVE-2025-20192 only needs valid credentials, not administrative access.
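As an added triage aid (example code written for this page, not part of the advisory and not Cisco tooling), the script below reads the text of `show running-config` from an IOS or IOS XE device and reports which of the affected features named above are enabled and whether reachability to them is restricted by an ACL. It is an exposure check, not a vulnerability test: fixed releases are not listed on this page, so only the Cisco Software Checker can say whether a given release is affected. The configuration keywords it matches (`ip http server`, `ip http access-class`, `snmp-server community`, `iox`, `crypto isakmp`) are standard IOS XE syntax, but the matching rules are simplified assumptions of this example, and the sample configuration is constructed.

```python
"""Exposure triage for the IOS / IOS XE items in this advisory.

Input: text of `show running-config`. Output: per-feature exposure,
mapped to the CVEs it matters for. Keyword matching assumes standard
IOS XE syntax and is an assumption of this example, not of the advisory.
"""
import re
from dataclasses import dataclass, field


@dataclass
class Exposure:
    feature: str
    cves: tuple
    enabled: bool
    restricted: bool          # True if an ACL limits who can reach the feature
    evidence: list = field(default_factory=list)

    @property
    def needs_attention(self) -> bool:
        return self.enabled and not self.restricted


def assess_config(config_text: str) -> dict:
    """Return {feature: Exposure} for the affected features found in the config."""
    lines = [line.strip() for line in config_text.splitlines()]

    def present(pattern: str) -> list:
        rx = re.compile(pattern)
        return [line for line in lines if rx.match(line)]

    # Web UI: CVE-2025-20193/-20194 (injection), CVE-2025-20195 (CSRF).
    # Restricted only if an `ip http access-class` ACL is applied.
    http = present(r"ip http (secure-)?server$")
    http_acl = present(r"ip http access-class ")
    webui = Exposure("web-ui", ("CVE-2025-20193", "CVE-2025-20194", "CVE-2025-20195"),
                     bool(http), bool(http_acl), http + http_acl)

    # SNMP polling: CVE-2025-20207 (confidential data in poll responses).
    # A community is treated as restricted only when an ACL follows RO/RW;
    # every community must be restricted for the feature to count as such.
    communities = present(r"snmp-server community ")
    acl_rx = re.compile(r"snmp-server community \S+( view \S+)? (RO|RW) \S+$")
    unrestricted = [c for c in communities if not acl_rx.match(c)]
    snmp = Exposure("snmp", ("CVE-2025-20207",), bool(communities),
                    bool(communities) and not unrestricted, communities)

    # IOx application hosting: CVE-2025-20196 (unauthenticated DoS).
    # No ACL restriction is expressible for IOx in running-config, so
    # enabled means exposed here.
    iox = present(r"iox$")
    iox_exp = Exposure("iox", ("CVE-2025-20196",), bool(iox), False, iox)

    # IKEv1: CVE-2025-20192 (DoS by an attacker holding valid IKEv1 credentials).
    # Any ISAKMP configuration means IKEv1 is in use; credential hygiene,
    # not an ACL, is the control, so it is reported as unrestricted.
    isakmp = present(r"crypto isakmp ")
    ikev1 = Exposure("ikev1", ("CVE-2025-20192",), bool(isakmp), False, isakmp)

    return {e.feature: e for e in (webui, snmp, iox_exp, ikev1)}


def features_needing_attention(config_text: str) -> list:
    """Feature names that are enabled and not ACL-restricted, in report order."""
    return [name for name, e in assess_config(config_text).items() if e.needs_attention]


# Constructed sample: a device exposing every affected feature.
SAMPLE_CONFIG = """\
!
hostname edge-rtr-01
!
ip http server
ip http secure-server
!
snmp-server community public RO
snmp-server community s3cret RW MGMT-ONLY
!
iox
!
crypto isakmp policy 10
 encryption aes
 authentication pre-share
!
"""

if __name__ == "__main__":
    for name, exp in assess_config(SAMPLE_CONFIG).items():
        flag = "ATTENTION" if exp.needs_attention else "ok"
        print(f"{name:8s} enabled={exp.enabled} restricted={exp.restricted} "
              f"[{flag}] {', '.join(exp.cves)}")
```

Run it against the saved output of `show running-config` for each device in scope; the "ATTENTION" rows are where a pre-patch ACL or credential change buys the most, and the CVE column tells you which advisory entries that device still has an open attack surface for.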