CVE-2025-20151

CVSS v3 Score
4.3
Medium

Vulnerability Description

A vulnerability in the implementation of the Simple Network Management Protocol Version 3 (SNMPv3) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to poll an affected device using SNMP, even if the device is configured to deny SNMP traffic from an unauthorized source or the SNMPv3 username is removed from the configuration. This vulnerability exists because of the way that the SNMPv3 configuration is stored in the Cisco IOS Software and Cisco IOS XE Software startup configuration. An attacker could exploit this vulnerability by polling an affected device from a source address that should have been denied. A successful exploit could allow the attacker to perform SNMP operations from a source that should be denied. Note: The attacker has no control of the SNMPv3 configuration. To exploit this vulnerability, the attacker must have valid SNMPv3 user credentials. For more information, see the section of this advisory.

CVSS: 4.3 (Medium)

For ABB eSOMS versions 4.0 to 6.0.3, HTTPS responses contain comments with sensitive information about the application. An attacker might use this detailed information to specifically craft the attack.

CWE-16 2019
CVSS: 4.3 (Medium)

In the login screens (in the agent and customer interfaces), the Username and Password fields use autocomplete, which might be considered a security issue. This issue affects: ((OTRS)) Community Edition: 5.0....

CWE-16 2020
CVSS: 4.4 (Medium)

A vulnerability in the upgrade process of Cisco Spark Board could allow an authenticated, local attacker to install an unverified upgrade package, aka Signature Verification Bypass. The vulnerability ...

CWE-16 2017
CVSS: 3.5 (Low)

For ABB eSOMS versions 4.0 to 6.0.2, the Secure Flag is not set in the HTTP response header. Unencrypted connections might access the cookie information, thus making it susceptible to eavesdropping.

CWE-16 2019
CVSS: 3.5 (Low)

ABB eSOMS versions 4.0 to 6.0.3 use ASP.NET Viewstate without Message Authentication Code (MAC). Alterations to Viewstate might thus not be noticed.

CWE-16 2019
CVSS: 5.3 (Medium)

A vulnerability in the user management functions of Cisco Registered Envelope Service could allow an unauthenticated, remote attacker to discover sensitive user information. The attacker could use thi...

CWE-16 2018