CISA Updates Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities

Release Date

Today, CISA updated its guidance addressing two vulnerabilities, CVE-2023-20198 and CVE-2023-20273, affecting Cisco’s Internetworking Operating System (IOS) XE Software Web User Interface (UI).

The guidance now notes that Cisco has fixed these vulnerabilities for the 17.3 Cisco IOS XE software release train with version 17.3.8a. CISA urges organizations to immediately apply necessary updates.

CISA urges organizations to review:

This product is provided subject to this Notification and this Privacy & Use policy.