- Vulnerability/
- cisco-sa-snmpv3-qKEYvzsy
cisco-sa-snmpv3-qKEYvzsy: Cisco IOS and IOS XE Software SNMPv3 Configuration Restriction Vulnerability
First published: Wed May 07 2025(Updated: )
A vulnerability in the implementation of the Simple Network Management Protocol Version 3 (SNMPv3) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to poll an affected device using SNMP, even if the device is configured to deny SNMP traffic from an unauthorized source or the SNMPv3 username is removed from the configuration.This vulnerability exists because of the way that the SNMPv3 configuration is stored in the Cisco IOS Software and Cisco IOS XE Software startup configuration. An attacker could exploit this vulnerability by polling an affected device from a source address that should have been denied. A successful exploit could allow the attacker to perform SNMP operations from a source that should be denied.Note: The attacker has no control of the SNMPv3 configuration. To exploit this vulnerability, the attacker must have valid SNMPv3 user credentials.For more information, see the Details section of this advisory.Cisco has not released software updates that address this vulnerability. However, there is a new method for configuring SNMPv3 so that it will not be affected by this vulnerability. There are workarounds that address this vulnerability.This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmpv3-qKEYvzsyThis advisory is part of the May 2025 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: May 2025 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco IOS | ||
| Cisco IOS XE |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of cisco-sa-snmpv3-qKEYvzsy?
The severity of cisco-sa-snmpv3-qKEYvzsy is rated as high due to the potential for unauthorized access to sensitive information.
How do I fix cisco-sa-snmpv3-qKEYvzsy?
To fix cisco-sa-snmpv3-qKEYvzsy, ensure that SNMPv3 is securely configured and apply the latest security patches provided by Cisco.
What devices are affected by cisco-sa-snmpv3-qKEYvzsy?
Devices running vulnerable versions of Cisco IOS Software and Cisco IOS XE Software are affected by cisco-sa-snmpv3-qKEYvzsy.
Can cisco-sa-snmpv3-qKEYvzsy be exploited remotely?
Yes, cisco-sa-snmpv3-qKEYvzsy can be exploited remotely by an authenticated attacker.
What measures should be taken to mitigate the risks of cisco-sa-snmpv3-qKEYvzsy?
Mitigation measures for cisco-sa-snmpv3-qKEYvzsy include reviewing SNMP configurations and restricting access to trusted IP addresses.
- collector/cisco-recent
- source/Cisco
- agent/severity
- agent/title
- agent/references
- agent/source
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/type
- agent/event
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- vendor/cisco
- canonical/cisco ios
- canonical/cisco ios xe