Description
A vulnerability in Cisco IOS XE Software for Cisco Meraki could allow a remote, unauthenticated attacker to view confidential device information.

This vulnerability is due to a device configuration upload being performed over an insecure tunnel. An attacker could exploit this vulnerability by conducting an on-path attack between the affected device and the Cisco Meraki Dashboard. A successful exploit could allow the attacker to view sensitive device configuration information.
Published: 2026-03-25
Score: 6.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Remote unauthenticated disclosure of device configuration
Action: Immediate Patch
AI Analysis

Impact

A configuration‑upload process in Cisco IOS XE Software for Cisco Meraki uses an insecure tunnel between the device and the Cisco Meraki Dashboard, allowing anyone who can intercept that traffic to read confidential device configuration data. This represents a lack of encryption or authentication in transit, matching CWE‑319, and exposes sensitive operational information that could be leveraged for further attacks.

Affected Systems

Cisco IOS XE Software on Cisco Meraki devices are affected; the advisory does not list specific firmware or release versions, so administrators must verify that their installations run builds that are pending a patch or update from Cisco and follow the vendor’s guidance to identify vulnerable builds.

Risk and Exploitability

The CVSS base score of 6.1 indicates moderate severity. The description states that an attacker on the network path between the device and the dashboard can exploit the flaw; this inference is drawn from the mention of an "on‑path attack" and is not directly listed elsewhere. No EPSS score is available, and the vulnerability is not in the CISA KEV catalog. Because no public patch or workaround is referenced, the risk remains until a vendor update is applied or the device is isolated from the dashboard network segment.

Generated by OpenCVE AI on March 25, 2026 at 19:55 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Cisco IOS XE firmware update for Cisco Meraki devices as released by Cisco.
  • If an update is not yet available, isolate the Meraki device from the Cisco Meraki Dashboard network segment or force dashboard access over a secure VPN tunnel.
  • Continuously monitor network traffic for signs of on‑path interception and review device logs for abnormal configuration‑upload activity.

Generated by OpenCVE AI on March 25, 2026 at 19:55 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 26 Mar 2026 12:00:00 +0000

Type Values Removed Values Added
First Time appeared Cisco
Cisco ios Xe Software
Vendors & Products Cisco
Cisco ios Xe Software

Wed, 25 Mar 2026 22:00:00 +0000

Type Values Removed Values Added
Title Unencrypted Configuration Upload Allows Device Information Disclosure in Cisco Meraki

Wed, 25 Mar 2026 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 25 Mar 2026 16:15:00 +0000

Type Values Removed Values Added
Description A vulnerability in Cisco IOS XE Software for Cisco Meraki could allow a remote, unauthenticated attacker to view confidential device information. This vulnerability is due to a device configuration upload being performed over an insecure tunnel. An attacker could exploit this vulnerability by conducting an on-path attack between the affected device and the Cisco Meraki Dashboard. A successful exploit could allow the attacker to view sensitive device configuration information.
Weaknesses CWE-319
References
Metrics cvssV3_1

{'score': 6.1, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N'}

Subscriptions

Cisco Ios Xe Software
cve-icon MITRE

Status: PUBLISHED

Assigner: cisco

Published:

Updated: 2026-03-25T17:41:48.709Z

Reserved: 2025-10-08T11:59:15.376Z

Link: CVE-2026-20115

cve-icon Vulnrichment

Updated: 2026-03-25T17:41:23.488Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-03-25T16:16:16.533

Modified: 2026-03-26T15:13:15.790

Link: CVE-2026-20115

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-26T11:42:42Z

Weaknesses