Search criteria
75 vulnerabilities found for catalyst_center by cisco
FKIE_CVE-2025-20353
Vulnerability from fkie_nvd - Published: 2025-11-13 17:15 - Updated: 2025-11-19 16:56
Severity ?
Summary
A vulnerability in the web-based management interface of Cisco Catalyst Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device.
This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of the web-based management interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | catalyst_center | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C88A587-FFF4-493C-823F-F958374FC6B6",
"versionEndExcluding": "2.3.7.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Catalyst Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device.\r\n\r\nThis vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of the web-based management interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
}
],
"id": "CVE-2025-20353",
"lastModified": "2025-11-19T16:56:28.930",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "psirt@cisco.com",
"type": "Secondary"
}
]
},
"published": "2025-11-13T17:15:46.017",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-xss-weXtVZ59"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-20346
Vulnerability from fkie_nvd - Published: 2025-11-13 17:15 - Updated: 2025-11-19 17:16
Severity ?
Summary
A vulnerability in Cisco Catalyst Center could allow an authenticated, remote attacker to execute operations that should require Administrator privileges. The attacker would need valid read-only user credentials.
This vulnerability is due to improper role-based access control (RBAC). An attacker could exploit this vulnerability by logging in to an affected system and modifying certain policy configurations. A successful exploit could allow the attacker to modify policy configurations that are reserved for the Administrator role. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Observer.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | catalyst_center | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C88A587-FFF4-493C-823F-F958374FC6B6",
"versionEndExcluding": "2.3.7.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Catalyst Center could allow an authenticated, remote attacker to execute operations that should require Administrator privileges. The attacker would need valid read-only user credentials.\r\n\r\nThis vulnerability is due to improper role-based access control (RBAC). An attacker could exploit this vulnerability by logging in to an affected system and modifying certain policy configurations. A successful exploit could allow the attacker to modify policy configurations that are reserved for the Administrator role. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Observer."
}
],
"id": "CVE-2025-20346",
"lastModified": "2025-11-19T17:16:36.880",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "psirt@cisco.com",
"type": "Secondary"
}
]
},
"published": "2025-11-13T17:15:45.630",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-privesc-catc-rYjReeLU"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2025-20349
Vulnerability from fkie_nvd - Published: 2025-11-13 17:15 - Updated: 2025-11-19 17:07
Severity ?
6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote attacker to execute arbitrary commands in a restricted container as the root user.
This vulnerability is due to insufficient validation of user-supplied input in REST API request parameters. An attacker could exploit this vulnerability by sending a crafted API request to an affected device. A successful exploit could allow the attacker to inject arbitrary commands that would then be executed in a restricted container with root privileges. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Observer.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | catalyst_center | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C88A587-FFF4-493C-823F-F958374FC6B6",
"versionEndExcluding": "2.3.7.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote attacker to execute arbitrary commands in a restricted container as the root user.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input in REST API request parameters. An attacker could exploit this vulnerability by sending a crafted API request to an affected device. A successful exploit could allow the attacker to inject arbitrary commands that would then be executed in a restricted container with root privileges. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Observer."
}
],
"id": "CVE-2025-20349",
"lastModified": "2025-11-19T17:07:43.197",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-11-13T17:15:45.817",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-ci-ZWLQVSwT"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-20223
Vulnerability from fkie_nvd - Published: 2025-05-07 18:15 - Updated: 2025-07-23 14:53
Severity ?
Summary
A vulnerability in Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated, remote attacker to read and modify data in a repository that belongs to an internal service of an affected device.
This vulnerability is due to insufficient enforcement of access control on HTTP requests. An attacker could exploit this vulnerability by submitting a crafted HTTP request to an affected device. A successful exploit could allow the attacker to read and modify data that is handled by an internal service on the affected device.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | catalyst_center | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "789E7FF9-0284-468B-A480-F2144934302C",
"versionEndExcluding": "2.3.7.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated, remote attacker to read and modify data in a repository that belongs to an internal service of an affected device.\r\n\r This vulnerability is due to insufficient enforcement of access control on HTTP requests. An attacker could exploit this vulnerability by submitting a crafted HTTP request to an affected device. A successful exploit could allow the attacker to read and modify data that is handled by an internal service on the affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en Cisco Catalyst Center, anteriormente Cisco DNA Center, podr\u00eda permitir que un atacante remoto autenticado lea y modifique datos en un repositorio perteneciente a un servicio interno de un dispositivo afectado. Esta vulnerabilidad se debe a un control de acceso insuficiente en las solicitudes HTTP. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una solicitud HTTP manipulada a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante leer y modificar datos gestionados por un servicio interno del dispositivo afectado."
}
],
"id": "CVE-2025-20223",
"lastModified": "2025-07-23T14:53:16.167",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.4,
"source": "psirt@cisco.com",
"type": "Secondary"
}
]
},
"published": "2025-05-07T18:15:42.070",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catc-insec-acc-mtt8EhEb"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2025-20210
Vulnerability from fkie_nvd - Published: 2025-05-07 18:15 - Updated: 2025-08-13 19:05
Severity ?
Summary
A vulnerability in the management API of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker to read and modify the outgoing proxy configuration settings.
This vulnerability is due to the lack of authentication in an API endpoint. An attacker could exploit this vulnerability by sending a request to the affected API of a Catalyst Center device. A successful exploit could allow the attacker to view or modify the outgoing proxy configuration, which could disrupt internet traffic from Cisco Catalyst Center or may allow the attacker to intercept outbound internet traffic.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | catalyst_center | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "82E4F91B-C188-473E-8B68-8FB39016D2A8",
"versionEndExcluding": "2.3.7.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the management API of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker to read and modify the outgoing proxy configuration settings.\r\n\r\nThis vulnerability is due to the lack of authentication in an API endpoint. An attacker could exploit this vulnerability by sending a request to the affected API of a Catalyst Center device. A successful exploit could allow the attacker to view or modify the outgoing proxy configuration, which could disrupt internet traffic from Cisco Catalyst Center or may allow the attacker to intercept outbound internet traffic."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la API de administraci\u00f3n de Cisco Catalyst Center, anteriormente Cisco DNA Center, podr\u00eda permitir que un atacante remoto no autenticado lea y modifique la configuraci\u00f3n del proxy saliente. Esta vulnerabilidad se debe a la falta de autenticaci\u00f3n en un endpoint de la API. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una solicitud a la API afectada de un dispositivo Catalyst Center. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ver o modificar la configuraci\u00f3n del proxy saliente, lo que podr\u00eda interrumpir el tr\u00e1fico de internet de Cisco Catalyst Center o interceptar el tr\u00e1fico saliente."
}
],
"id": "CVE-2025-20210",
"lastModified": "2025-08-13T19:05:32.047",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4,
"source": "psirt@cisco.com",
"type": "Secondary"
}
]
},
"published": "2025-05-07T18:15:41.240",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-api-nBPZcJCM"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-306"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2024-20350
Vulnerability from fkie_nvd - Published: 2024-09-25 17:15 - Updated: 2025-07-30 16:08
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the SSH server of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker to impersonate a Cisco Catalyst Center appliance.
This vulnerability is due to the presence of a static SSH host key. An attacker could exploit this vulnerability by performing a machine-in-the-middle attack on SSH connections, which could allow the attacker to intercept traffic between SSH clients and a Cisco Catalyst Center appliance. A successful exploit could allow the attacker to impersonate the affected appliance, inject commands into the terminal session, and steal valid user credentials.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE85EC8B-8F95-4D16-A99A-B5BF21AAA2BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:1.4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A8E8C372-6C4C-4E4B-8882-045BBD38E428",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "30381FB2-1AA0-4D59-9A4C-82C53376B3B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2FC7F470-054B-43E6-8B3A-0553E520CFBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D8C7C39F-E6DA-42E3-932C-2DAEEC0FD1F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B1E9FAE-2769-47C0-A15A-6EAFA33D2F31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "412B8010-83BA-469D-8F82-EA7EB0F0733B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DBB83C74-8D66-46D5-980B-ADB3B43EF4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D07AACA6-A0B7-411D-96A5-1B33844AB464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "12512A8E-0294-4810-9B12-393DC0E3FEA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8205598B-8A18-4334-B7AA-8984FE343F30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "39DFED3A-70E2-4EA7-A1EF-2213A31BD58C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8BE272E6-A054-4F39-B354-0381E73622B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FC183929-918E-445F-929C-1C02B8781538",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "475C27B1-C740-4A8F-80D6-93D66E16EF31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2FEE2C67-7D11-466B-BE94-1B656940BD49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "02431720-D4FC-4074-8EB9-BAD9E6D83905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "671B8897-2AD2-4799-A728-9B25DCF2BC9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E4C84825-B16C-4CAB-8308-939DE9D471B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F26C092A-12F2-4670-98F7-F7CC50A2A75B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C616589C-BCC5-4803-BFD2-D53649ACB994",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.2.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "DC28749F-6CEE-4C6B-A382-B3525B15D37D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D046C9E-6DC7-497B-B0D1-5E9703818474",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "410E9FD8-06C4-4FC4-B1DD-6068DE85A773",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1FB6FFCE-5605-4CAD-9593-F549C34D1461",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.2.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B62467B6-229E-4909-8F09-E066AA7F8A02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.2.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "EC0A39D0-7648-4F41-BD72-2BF47DC73CB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7E390EAB-12F5-4E53-AAE0-0D59CBA3FF6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.2.1-airgap:*:*:*:*:*:*:*",
"matchCriteriaId": "F0BB980C-C298-4B9D-81D1-44C5E9672A15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.2.1-airgap-ca:*:*:*:*:*:*:*",
"matchCriteriaId": "3FE84595-E140-4CBD-8E1F-D246F2366BD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "246E7876-AA00-432F-B1FD-DC7CCBDFF35A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "23D6DDEF-6F1F-4B08-8AF7-7568F7F22005",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.3.0-airgap:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF90F9A-8969-44CE-B448-C93CC883749B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DFD896C8-C023-419E-9C7F-4FE961D34E3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.3.1-airgap:*:*:*:*:*:*:*",
"matchCriteriaId": "F6390F5F-A064-456D-88A8-8D9AC09F5352",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1BE81455-F2D1-4A8E-A92F-86DF3B06C743",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.3.3-airgap:*:*:*:*:*:*:*",
"matchCriteriaId": "6593A2FB-375A-4AB6-B29B-5EA0B2ED7753",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.3.3-airgap-ca:*:*:*:*:*:*:*",
"matchCriteriaId": "B9C6A830-3CAE-4C8A-9F90-3E07625A8D99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.3.4:-:*:*:*:*:*:*",
"matchCriteriaId": "129B0CC5-1300-4E86-9219-E405E2B106B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.3.4:hotfix1:*:*:*:*:*:*",
"matchCriteriaId": "3FFB4136-C74F-492F-AA19-F7F99167CA33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.3.4-airgap:*:*:*:*:*:*:*",
"matchCriteriaId": "07A16861-1F5C-4D05-AF35-44A2E5349444",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.3.4-airgap-mdnac:*:*:*:*:*:*:*",
"matchCriteriaId": "06CE21F1-555E-4E4B-A834-7848816BDFE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "25B64552-856E-4E23-A19B-DC56A64CA773",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.3.5-airgap:*:*:*:*:*:*:*",
"matchCriteriaId": "5586EC13-BF29-4E60-B6DB-D80770784237",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6BBF60C4-96EC-438F-BCDB-DE627E403FCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.3.6-70045:hotfix1:*:*:*:*:*:*",
"matchCriteriaId": "6419BDFE-CC6E-4909-93BB-F3D80AE7BB1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.3.6-airgap:*:*:*:*:*:*:*",
"matchCriteriaId": "C24EF7E9-1903-4D4B-A1B1-D9D6F6D483BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.3.6-airgap-mdnac:*:*:*:*:*:*:*",
"matchCriteriaId": "DD9331B0-BB75-44B5-8FCE-413DC5FB9D5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5CE78F01-EB7E-416D-9E37-BD7A44C9ADB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.3.7-72323:*:*:*:*:*:*:*",
"matchCriteriaId": "622F9B5F-157E-4633-A2AE-82C571CF77CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.3.7-72328-airgap:*:*:*:*:*:*:*",
"matchCriteriaId": "58C9096F-3AAF-4C42-BEBE-A455E2B65008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.3.7-72328-mdnac:*:*:*:*:*:*:*",
"matchCriteriaId": "388AFA5E-CAAE-4F83-90D2-1D82E0B967AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.3.7-airgap:*:*:*:*:*:*:*",
"matchCriteriaId": "E9A899CD-44A2-430B-B981-CABA0708FFC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.3.7-airgap-mdnac:*:*:*:*:*:*:*",
"matchCriteriaId": "21B5A02F-8DC3-40B9-9C27-DD6DBB9121A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "80114D6D-ADCA-48F6-B22E-1D5FBDB9BA68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.4.0-airgap:*:*:*:*:*:*:*",
"matchCriteriaId": "C5285200-FA02-4F4D-8F23-997ED6DE3E95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C4E796D-8487-443D-A276-E85A8A9FAF96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.4.3-airgap:*:*:*:*:*:*:*",
"matchCriteriaId": "EDE02CC9-F585-4A0D-B7F2-C30C2198CEF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F0C5AF23-41DC-4C33-BF41-CABA4B50D997",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.5.0-airgap:*:*:*:*:*:*:*",
"matchCriteriaId": "B3D0CC6C-CF41-47C8-8C93-3C96E57A9A76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.5.0-airgap-mdnac:*:*:*:*:*:*:*",
"matchCriteriaId": "298A4F68-FCE4-4A6A-BF56-4CF913DA9F3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4F1418C9-A4E8-40E7-AD72-0F10F0439412",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.5.3-airgap:*:*:*:*:*:*:*",
"matchCriteriaId": "0BD1C910-CA57-4B84-A36F-ED5D764865DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.5.3-airgap-mdnac:*:*:*:*:*:*:*",
"matchCriteriaId": "7B5066DD-C764-45BE-99F1-2F16BFF27243",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E9955454-ED62-4C8C-A968-69C7EBDAED30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.5.4-airgap:*:*:*:*:*:*:*",
"matchCriteriaId": "677D1D7F-D930-4FA8-8113-DC3E2A392E87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.5.4-airgap-mdnac:*:*:*:*:*:*:*",
"matchCriteriaId": "63BCFB1D-915B-4406-8D17-CAB639CF949D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2F9DD001-C5D9-4D2B-ADEA-A5EF76A53DDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.5.5-70026:hotfix51:*:*:*:*:*:*",
"matchCriteriaId": "7CDB28B8-3B28-47FF-9640-C7A7CC929914",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.5.5-70026:hotfix52:*:*:*:*:*:*",
"matchCriteriaId": "9F37A61B-A8D4-4441-B093-E8A2B6384F80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.5.5-70026:hotfix53:*:*:*:*:*:*",
"matchCriteriaId": "697E1FB9-35F4-452F-A6FF-B1CF292936E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.5.5-70026:hotfix70:*:*:*:*:*:*",
"matchCriteriaId": "B8DCEED3-50CB-4CF8-B7A7-7D606B091E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.5.5-airgap:*:*:*:*:*:*:*",
"matchCriteriaId": "2F0AE74D-6E64-4C12-A77F-83737A5D179F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.5.5-airgap-mdnac:*:*:*:*:*:*:*",
"matchCriteriaId": "C0FA75EA-B731-4CF8-AA9B-1302693966AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0E7E8E9D-DD50-4084-B6D4-4B84872546F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.6.0-airgap:*:*:*:*:*:*:*",
"matchCriteriaId": "0A9B98FA-95E5-4BB7-86D6-0E21D6D5D51B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F5008264-1A35-4FDF-958A-D72002688A1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.7.0-airgap:*:*:*:*:*:*:*",
"matchCriteriaId": "546F959A-2A63-4B50-9F6C-8381B00232E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.7.0-airgap-mdnac:*:*:*:*:*:*:*",
"matchCriteriaId": "FCCD2D31-80E3-484A-9926-5A1AAD7DD2FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.7.0-va:*:*:*:*:*:*:*",
"matchCriteriaId": "7C650869-7523-4913-9ED1-10CA069A5F57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "56CF6A09-91F3-4F86-B5FA-F339F224C51F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.7.3-airgap:*:*:*:*:*:*:*",
"matchCriteriaId": "3D182944-46D0-47BB-9DBA-F4B6AEE9F7BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.7.3-airgap-mdnac:*:*:*:*:*:*:*",
"matchCriteriaId": "57E01082-47AD-445D-A301-46C33CDBCCFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "78FE3B3A-BD6E-4104-B85C-B9E7E742F612",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.7.4-airgap:*:*:*:*:*:*:*",
"matchCriteriaId": "9FBFE7ED-990D-4D7D-B0FB-5E7ADA02571B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:2.3.7.4-airgap-mdnac:*:*:*:*:*:*:*",
"matchCriteriaId": "05B65BAF-9B19-4BB1-A3F7-83ED272BF78A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the SSH server of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker to impersonate a Cisco Catalyst Center appliance.\r\n\r\nThis vulnerability is due to the presence of a static SSH host key. An attacker could exploit this vulnerability by performing a machine-in-the-middle attack on SSH connections, which could allow the attacker to intercept traffic between SSH clients and a Cisco Catalyst Center appliance. A successful exploit could allow the attacker to impersonate the affected appliance, inject commands into the terminal session, and steal valid user credentials."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el servidor SSH de Cisco Catalyst Center, anteriormente Cisco DNA Center, podr\u00eda permitir que un atacante remoto no autenticado se haga pasar por un dispositivo Cisco Catalyst Center. Esta vulnerabilidad se debe a la presencia de una clave de host SSH est\u00e1tica. Un atacante podr\u00eda aprovechar esta vulnerabilidad realizando un ataque de tipo m\u00e1quina intermedia en las conexiones SSH, lo que podr\u00eda permitir al atacante interceptar el tr\u00e1fico entre los clientes SSH y un dispositivo Cisco Catalyst Center. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante hacerse pasar por el dispositivo afectado, inyectar comandos en la sesi\u00f3n de terminal y robar credenciales de usuario v\u00e1lidas."
}
],
"id": "CVE-2024-20350",
"lastModified": "2025-07-30T16:08:54.540",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-09-25T17:15:15.000",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-ssh-e4uOdASj"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-321"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2024-20333
Vulnerability from fkie_nvd - Published: 2024-03-27 17:15 - Updated: 2025-07-23 14:53
Severity ?
Summary
A vulnerability in the web-based management interface of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated, remote attacker to change specific data within the interface on an affected device.
This vulnerability is due to insufficient authorization enforcement. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to change a specific field within the web-based management interface, even though they should not have access to change that field.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | catalyst_center | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3707C5B-81B2-4E9E-8941-562BBEFE0AA0",
"versionEndExcluding": "2.3.5.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated, remote attacker to change specific data within the interface on an affected device.\r\n\r This vulnerability is due to insufficient authorization enforcement. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to change a specific field within the web-based management interface, even though they should not have access to change that field."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco Catalyst Center, anteriormente Cisco DNA Center, podr\u00eda permitir que un atacante remoto autenticado cambie datos espec\u00edficos dentro de la interfaz de un dispositivo afectado. Esta vulnerabilidad se debe a una aplicaci\u00f3n insuficiente de la autorizaci\u00f3n. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud HTTP manipulada a un dispositivo afectado. Un exploit exitoso podr\u00eda permitir al atacante cambiar un campo espec\u00edfico dentro de la interfaz de administraci\u00f3n basada en web, aunque no deber\u00eda tener acceso para cambiar ese campo."
}
],
"id": "CVE-2024-20333",
"lastModified": "2025-07-23T14:53:12.207",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "psirt@cisco.com",
"type": "Secondary"
}
]
},
"published": "2024-03-27T17:15:53.480",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ccc-authz-bypass-5EKchJRb"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ccc-authz-bypass-5EKchJRb"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-285"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2023-20184
Vulnerability from fkie_nvd - Published: 2023-05-18 03:15 - Updated: 2025-07-23 15:26
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more information about these vulnerabilities, see the Details section of this advisory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | catalyst_center | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3840B999-B7EE-46E0-A7C8-BEB135E77A9A",
"versionEndExcluding": "2.2.3.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more information about these vulnerabilities, see the Details section of this advisory."
},
{
"lang": "es",
"value": "Varias vulnerabilidades en la API del software Cisco DNA Center podr\u00edan permitir que un atacante remoto autenticado lea informaci\u00f3n de un contenedor restringido, enumere informaci\u00f3n de usuario o ejecute comandos arbitrarios en un contenedor restringido como usuario root. Para obtener m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n \"Detalles\" de este aviso."
}
],
"id": "CVE-2023-20184",
"lastModified": "2025-07-23T15:26:38.713",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-18T03:15:11.150",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-multiple-kTQkGU3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-multiple-kTQkGU3"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-285"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-552"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-20183
Vulnerability from fkie_nvd - Published: 2023-05-18 03:15 - Updated: 2025-07-23 15:26
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more information about these vulnerabilities, see the Details section of this advisory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | catalyst_center | * | |
| cisco | catalyst_center | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A043AAF2-566B-4124-BEEF-C5522606B9EC",
"versionEndExcluding": "2.3.3.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F455FC6D-9908-4B12-9C85-2F17910B3736",
"versionEndExcluding": "2.3.5.3",
"versionStartIncluding": "2.3.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more information about these vulnerabilities, see the Details section of this advisory."
},
{
"lang": "es",
"value": "Varias vulnerabilidades en la API del software Cisco DNA Center podr\u00edan permitir que un atacante remoto autenticado lea informaci\u00f3n de un contenedor restringido, enumere informaci\u00f3n de usuario o ejecute comandos arbitrarios en un contenedor restringido como usuario root. Para obtener m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n \"Detalles\" de este aviso."
}
],
"id": "CVE-2023-20183",
"lastModified": "2025-07-23T15:26:38.713",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-18T03:15:11.090",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-multiple-kTQkGU3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-multiple-kTQkGU3"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-285"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-552"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-20182
Vulnerability from fkie_nvd - Published: 2023-05-18 03:15 - Updated: 2025-07-23 15:26
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more information about these vulnerabilities, see the Details section of this advisory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | catalyst_center | * | |
| cisco | catalyst_center | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A043AAF2-566B-4124-BEEF-C5522606B9EC",
"versionEndExcluding": "2.3.3.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:catalyst_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F455FC6D-9908-4B12-9C85-2F17910B3736",
"versionEndExcluding": "2.3.5.3",
"versionStartIncluding": "2.3.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more information about these vulnerabilities, see the Details section of this advisory."
},
{
"lang": "es",
"value": "Varias vulnerabilidades en la API del software Cisco DNA Center podr\u00edan permitir que un atacante remoto autenticado lea informaci\u00f3n de un contenedor restringido, enumere informaci\u00f3n de usuario o ejecute comandos arbitrarios en un contenedor restringido como usuario root. Para obtener m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n \"Detalles\" de este aviso."
}
],
"id": "CVE-2023-20182",
"lastModified": "2025-07-23T15:26:38.713",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-18T03:15:11.023",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-multiple-kTQkGU3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-multiple-kTQkGU3"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-285"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2025-20346 (GCVE-0-2025-20346)
Vulnerability from cvelistv5 – Published: 2025-11-13 16:27 – Updated: 2025-12-01 15:36
VLAI?
Summary
A vulnerability in Cisco Catalyst Center could allow an authenticated, remote attacker to execute operations that should require Administrator privileges. The attacker would need valid read-only user credentials.
This vulnerability is due to improper role-based access control (RBAC). An attacker could exploit this vulnerability by logging in to an affected system and modifying certain policy configurations. A successful exploit could allow the attacker to modify policy configurations that are reserved for the Administrator role. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Observer.
Severity ?
4.3 (Medium)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Digital Network Architecture Center (DNA Center) |
Affected:
2.1.1.0
Affected: 2.1.1.3 Affected: 2.1.2.0 Affected: 2.1.2.3 Affected: 2.1.2.5 Affected: 2.2.1.0 Affected: 2.1.2.6 Affected: 2.2.2.0 Affected: 2.2.2.3 Affected: 2.1.2.7 Affected: 2.2.1.3 Affected: 2.2.3.0 Affected: 2.2.2.4 Affected: 2.2.2.5 Affected: 2.2.3.3 Affected: 2.2.2.7 Affected: 2.2.2.6 Affected: 2.2.2.8 Affected: 2.2.3.4 Affected: 2.3.2.1 Affected: 2.3.2.1-AIRGAP Affected: 2.3.2.1-AIRGAP-CA Affected: 2.2.3.5 Affected: 2.3.3.3 Affected: 2.3.3.1-AIRGAP Affected: 2.3.3.1 Affected: 2.3.2.3 Affected: 2.3.3.3-AIRGAP Affected: 2.2.2.9 Affected: 2.3.3.0-AIRGAP Affected: 2.3.3.4 Affected: 2.3.3.4-AIRGAP Affected: 2.3.3.4-AIRGAP-MDNAC Affected: 2.3.3.5 Affected: 2.3.3.5-AIRGAP Affected: 2.3.4.0-AIRGAP Affected: 2.3.4.3 Affected: 2.3.4.3-AIRGAP Affected: 2.3.3.6 Affected: 2.3.3.6-AIRGAP Affected: 2.3.3.6-AIRGAP-MDNAC Affected: 2.3.5.0-AIRGAP-MDNAC Affected: VA Launchpad 1.0.3 Affected: VA Launchpad 1.0.4 Affected: 2.3.3.7 Affected: 2.3.3.7-AIRGAP Affected: 2.3.3.7-AIRGAP-MDNAC Affected: 2.3.6.0 Affected: 2.3.3.6-70045-HF1 Affected: VA Launchpad 1.2.1 Affected: 2.3.3.7-72328-AIRGAP Affected: 2.3.3.7-72323 Affected: 2.3.3.7-72328-MDNAC Affected: 2.3.5.3 Affected: 2.3.5.3-AIRGAP-MDNAC Affected: 2.3.5.3-AIRGAP Affected: 2.3.6.0-AIRGAP Affected: VA Launchpad 1.3.0 Affected: VA Launchpad 1.5.0 Affected: 2.3.7.0 Affected: 2.3.7.0-AIRGAP Affected: 2.3.7.0-AIRGAP-MDNAC Affected: 2.3.7.0-VA Affected: 2.3.5.4-AIRGAP Affected: 2.3.5.4-AIRGAP-MDNAC Affected: VA Launchpad 1.6.0 Affected: 2.3.7.3 Affected: 2.3.7.3-AIRGAP Affected: 2.3.7.3-AIRGAP-MDNAC Affected: VA Launchpad 1.7.0 Affected: 2.3.5.5-AIRGAP Affected: 2.3.5.5 Affected: 2.3.5.5-AIRGAP-MDNAC Affected: 2.3.7.4 Affected: 2.3.7.4-AIRGAP Affected: 2.3.7.5-AIRGAP Affected: VA Launchpad 1.9.0 Affected: 2.3.5.6-AIRGAP Affected: 2.3.5.6-AIRGAP-MDNAC Affected: 1.0.0.0 Affected: Cisco CCGM 1.0.0.0 Affected: 2.3.7.6-AIRGAP Affected: 2.3.7.6 Affected: 2.3.7.6-VA Affected: 2.3.5.5-70026-HF70 Affected: 2.3.5.5-70026-HF51 Affected: 2.3.5.6-70143-HF20 Affected: 2.3.7.6-AIRGAP-MDNAC Affected: 2.3.5.5-70026-HF53 Affected: 2.3.5.5-70026-HF71 Affected: 2.3.7.7 Affected: 2.3.7.7-VA Affected: 2.3.7.7-AIRGAP Affected: 2.3.7.7-AIRGAP-MDNAC Affected: 2.3.7.9-VA Affected: 2.3.7.9 Affected: 2.3.7.9-AIRGAP Affected: 2.3.7.9-AIRGAP-MDNAC Affected: Cisco CCGM 1.1.1 Affected: 2.3.7.9-70301-GSMU10 Affected: 2.3.7.9-70301-SMU1 Affected: 2.3.7.9-75403-SMU10 Affected: 2.3.7.9-75403-GSMU10 Affected: Cisco CCGM 1.2.1 Affected: 2.3.5.3-EULA Affected: 2.3.7.9.75403.10-VA Affected: 0.0.0.0 Affected: 1.16.54 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20346",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-14T04:55:38.854695Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-01T15:36:40.791Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Digital Network Architecture Center (DNA Center)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "2.1.1.0"
},
{
"status": "affected",
"version": "2.1.1.3"
},
{
"status": "affected",
"version": "2.1.2.0"
},
{
"status": "affected",
"version": "2.1.2.3"
},
{
"status": "affected",
"version": "2.1.2.5"
},
{
"status": "affected",
"version": "2.2.1.0"
},
{
"status": "affected",
"version": "2.1.2.6"
},
{
"status": "affected",
"version": "2.2.2.0"
},
{
"status": "affected",
"version": "2.2.2.3"
},
{
"status": "affected",
"version": "2.1.2.7"
},
{
"status": "affected",
"version": "2.2.1.3"
},
{
"status": "affected",
"version": "2.2.3.0"
},
{
"status": "affected",
"version": "2.2.2.4"
},
{
"status": "affected",
"version": "2.2.2.5"
},
{
"status": "affected",
"version": "2.2.3.3"
},
{
"status": "affected",
"version": "2.2.2.7"
},
{
"status": "affected",
"version": "2.2.2.6"
},
{
"status": "affected",
"version": "2.2.2.8"
},
{
"status": "affected",
"version": "2.2.3.4"
},
{
"status": "affected",
"version": "2.3.2.1"
},
{
"status": "affected",
"version": "2.3.2.1-AIRGAP"
},
{
"status": "affected",
"version": "2.3.2.1-AIRGAP-CA"
},
{
"status": "affected",
"version": "2.2.3.5"
},
{
"status": "affected",
"version": "2.3.3.3"
},
{
"status": "affected",
"version": "2.3.3.1-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.1"
},
{
"status": "affected",
"version": "2.3.2.3"
},
{
"status": "affected",
"version": "2.3.3.3-AIRGAP"
},
{
"status": "affected",
"version": "2.2.2.9"
},
{
"status": "affected",
"version": "2.3.3.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.4"
},
{
"status": "affected",
"version": "2.3.3.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.3.5"
},
{
"status": "affected",
"version": "2.3.3.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.4.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.4.3"
},
{
"status": "affected",
"version": "2.3.4.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.6"
},
{
"status": "affected",
"version": "2.3.3.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.0-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "VA Launchpad 1.0.3"
},
{
"status": "affected",
"version": "VA Launchpad 1.0.4"
},
{
"status": "affected",
"version": "2.3.3.7"
},
{
"status": "affected",
"version": "2.3.3.7-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.7-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.6.0"
},
{
"status": "affected",
"version": "2.3.3.6-70045-HF1"
},
{
"status": "affected",
"version": "VA Launchpad 1.2.1"
},
{
"status": "affected",
"version": "2.3.3.7-72328-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.7-72323"
},
{
"status": "affected",
"version": "2.3.3.7-72328-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.3"
},
{
"status": "affected",
"version": "2.3.5.3-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.6.0-AIRGAP"
},
{
"status": "affected",
"version": "VA Launchpad 1.3.0"
},
{
"status": "affected",
"version": "VA Launchpad 1.5.0"
},
{
"status": "affected",
"version": "2.3.7.0"
},
{
"status": "affected",
"version": "2.3.7.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.0-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.0-VA"
},
{
"status": "affected",
"version": "2.3.5.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "VA Launchpad 1.6.0"
},
{
"status": "affected",
"version": "2.3.7.3"
},
{
"status": "affected",
"version": "2.3.7.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.3-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "VA Launchpad 1.7.0"
},
{
"status": "affected",
"version": "2.3.5.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.5"
},
{
"status": "affected",
"version": "2.3.5.5-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.4"
},
{
"status": "affected",
"version": "2.3.7.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.5-AIRGAP"
},
{
"status": "affected",
"version": "VA Launchpad 1.9.0"
},
{
"status": "affected",
"version": "2.3.5.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "1.0.0.0"
},
{
"status": "affected",
"version": "Cisco CCGM 1.0.0.0"
},
{
"status": "affected",
"version": "2.3.7.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.6"
},
{
"status": "affected",
"version": "2.3.7.6-VA"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF70"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF51"
},
{
"status": "affected",
"version": "2.3.5.6-70143-HF20"
},
{
"status": "affected",
"version": "2.3.7.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF53"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF71"
},
{
"status": "affected",
"version": "2.3.7.7"
},
{
"status": "affected",
"version": "2.3.7.7-VA"
},
{
"status": "affected",
"version": "2.3.7.7-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.7-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.9-VA"
},
{
"status": "affected",
"version": "2.3.7.9"
},
{
"status": "affected",
"version": "2.3.7.9-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.9-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "Cisco CCGM 1.1.1"
},
{
"status": "affected",
"version": "2.3.7.9-70301-GSMU10"
},
{
"status": "affected",
"version": "2.3.7.9-70301-SMU1"
},
{
"status": "affected",
"version": "2.3.7.9-75403-SMU10"
},
{
"status": "affected",
"version": "2.3.7.9-75403-GSMU10"
},
{
"status": "affected",
"version": "Cisco CCGM 1.2.1"
},
{
"status": "affected",
"version": "2.3.5.3-EULA"
},
{
"status": "affected",
"version": "2.3.7.9.75403.10-VA"
},
{
"status": "affected",
"version": "0.0.0.0"
},
{
"status": "affected",
"version": "1.16.54"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Catalyst Center could allow an authenticated, remote attacker to execute operations that should require Administrator privileges. The attacker would need valid read-only user credentials.\r\n\r\nThis vulnerability is due to improper role-based access control (RBAC). An attacker could exploit this vulnerability by logging in to an affected system and modifying certain policy configurations. A successful exploit could allow the attacker to modify policy configurations that are reserved for the Administrator role. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Observer."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "Improper Privilege Management",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-13T16:27:30.871Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-privesc-catc-rYjReeLU",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-privesc-catc-rYjReeLU"
}
],
"source": {
"advisory": "cisco-sa-privesc-catc-rYjReeLU",
"defects": [
"CSCwo05088"
],
"discovery": "INTERNAL"
},
"title": "Cisco Catalyst Center Privilege Escalation Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20346",
"datePublished": "2025-11-13T16:27:30.871Z",
"dateReserved": "2024-10-10T19:15:13.256Z",
"dateUpdated": "2025-12-01T15:36:40.791Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20353 (GCVE-0-2025-20353)
Vulnerability from cvelistv5 – Published: 2025-11-13 16:18 – Updated: 2025-11-13 17:11
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Catalyst Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device.
This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of the web-based management interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
Severity ?
6.1 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Digital Network Architecture Center (DNA Center) |
Affected:
2.1.1.0
Affected: 2.1.1.3 Affected: 2.1.2.0 Affected: 2.1.2.3 Affected: 2.1.2.4 Affected: 2.1.2.5 Affected: 2.2.1.0 Affected: 2.1.2.6 Affected: 2.2.2.0 Affected: 2.2.2.1 Affected: 2.2.2.3 Affected: 2.1.2.7 Affected: 2.2.1.3 Affected: 2.2.3.0 Affected: 2.2.2.4 Affected: 2.2.2.5 Affected: 2.2.3.3 Affected: 2.2.2.7 Affected: 2.2.2.6 Affected: 2.2.2.8 Affected: 2.2.3.4 Affected: 2.1.2.8 Affected: 2.3.2.1 Affected: 2.3.2.1-AIRGAP Affected: 2.3.2.1-AIRGAP-CA Affected: 2.2.3.5 Affected: 2.3.3.0 Affected: 2.3.3.3 Affected: 2.3.3.1-AIRGAP Affected: 2.3.3.1 Affected: 2.3.2.3 Affected: 2.3.3.3-AIRGAP Affected: 2.2.3.6 Affected: 2.2.2.9 Affected: 2.3.3.0-AIRGAP Affected: 2.3.3.3-AIRGAP-CA Affected: 2.3.3.4 Affected: 2.3.3.4-AIRGAP Affected: 2.3.3.4-AIRGAP-MDNAC Affected: 2.3.3.4-HF1 Affected: 2.3.4.0 Affected: 2.3.3.5 Affected: 2.3.3.5-AIRGAP Affected: 2.3.4.0-AIRGAP Affected: 2.3.4.3 Affected: 2.3.4.3-AIRGAP Affected: 2.3.3.6 Affected: 2.3.5.0 Affected: 2.3.3.6-AIRGAP Affected: 2.3.5.0-AIRGAP Affected: 2.3.3.6-AIRGAP-MDNAC Affected: 2.3.5.0-AIRGAP-MDNAC Affected: 2.3.3.7 Affected: 2.3.3.7-AIRGAP Affected: 2.3.3.7-AIRGAP-MDNAC Affected: 2.3.6.0 Affected: 2.3.3.6-70045-HF1 Affected: 2.3.3.7-72328-AIRGAP Affected: 2.3.3.7-72323 Affected: 2.3.3.7-72328-MDNAC Affected: 2.3.5.3 Affected: 2.3.5.3-AIRGAP-MDNAC Affected: 2.3.5.3-AIRGAP Affected: 2.3.6.0-AIRGAP Affected: 2.3.7.0 Affected: 2.3.7.0-AIRGAP Affected: 2.3.7.0-AIRGAP-MDNAC Affected: 2.3.5.4 Affected: 2.3.5.4-AIRGAP Affected: 2.3.5.4-AIRGAP-MDNAC Affected: 2.3.7.3 Affected: 2.3.7.3-AIRGAP Affected: 2.3.7.3-AIRGAP-MDNAC Affected: 2.3.5.5-AIRGAP Affected: 2.3.5.5 Affected: 2.3.5.5-AIRGAP-MDNAC Affected: 2.3.7.4 Affected: 2.3.7.4-AIRGAP Affected: 2.3.7.4-AIRGAP-MDNAC Affected: 2.3.7.5-AIRGAP Affected: 2.3.5.6-AIRGAP Affected: 2.3.5.6 Affected: 2.3.5.6-AIRGAP-MDNAC Affected: 2.3.7.6-AIRGAP Affected: 2.3.7.6 Affected: 2.3.5.5-70026-HF70 Affected: 2.3.5.5-70026-HF51 Affected: 2.3.5.6-70143-HF20 Affected: 2.3.7.6-AIRGAP-MDNAC Affected: 2.3.5.5-70026-HF52 Affected: 2.3.5.5-70026-HF53 Affected: 2.3.5.5-70026-HF71 Affected: 2.3.7.7 Affected: 2.3.7.7-AIRGAP Affected: 2.3.7.7-AIRGAP-MDNAC Affected: 2.3.5.5-70026-HF72 Affected: 2.3.7.9 Affected: 2.3.7.9-AIRGAP Affected: 2.3.7.9-AIRGAP-MDNAC Affected: 2.3.7.9-70301-GSMU10 Affected: 2.3.7.9-70301-SMU1 Affected: 2.3.7.9-75403-SMU10 Affected: 2.3.7.9-75403-GSMU10 Affected: 2.3.5.3-EULA |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20353",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-13T17:11:03.069694Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-13T17:11:16.452Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Digital Network Architecture Center (DNA Center)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "2.1.1.0"
},
{
"status": "affected",
"version": "2.1.1.3"
},
{
"status": "affected",
"version": "2.1.2.0"
},
{
"status": "affected",
"version": "2.1.2.3"
},
{
"status": "affected",
"version": "2.1.2.4"
},
{
"status": "affected",
"version": "2.1.2.5"
},
{
"status": "affected",
"version": "2.2.1.0"
},
{
"status": "affected",
"version": "2.1.2.6"
},
{
"status": "affected",
"version": "2.2.2.0"
},
{
"status": "affected",
"version": "2.2.2.1"
},
{
"status": "affected",
"version": "2.2.2.3"
},
{
"status": "affected",
"version": "2.1.2.7"
},
{
"status": "affected",
"version": "2.2.1.3"
},
{
"status": "affected",
"version": "2.2.3.0"
},
{
"status": "affected",
"version": "2.2.2.4"
},
{
"status": "affected",
"version": "2.2.2.5"
},
{
"status": "affected",
"version": "2.2.3.3"
},
{
"status": "affected",
"version": "2.2.2.7"
},
{
"status": "affected",
"version": "2.2.2.6"
},
{
"status": "affected",
"version": "2.2.2.8"
},
{
"status": "affected",
"version": "2.2.3.4"
},
{
"status": "affected",
"version": "2.1.2.8"
},
{
"status": "affected",
"version": "2.3.2.1"
},
{
"status": "affected",
"version": "2.3.2.1-AIRGAP"
},
{
"status": "affected",
"version": "2.3.2.1-AIRGAP-CA"
},
{
"status": "affected",
"version": "2.2.3.5"
},
{
"status": "affected",
"version": "2.3.3.0"
},
{
"status": "affected",
"version": "2.3.3.3"
},
{
"status": "affected",
"version": "2.3.3.1-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.1"
},
{
"status": "affected",
"version": "2.3.2.3"
},
{
"status": "affected",
"version": "2.3.3.3-AIRGAP"
},
{
"status": "affected",
"version": "2.2.3.6"
},
{
"status": "affected",
"version": "2.2.2.9"
},
{
"status": "affected",
"version": "2.3.3.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.3-AIRGAP-CA"
},
{
"status": "affected",
"version": "2.3.3.4"
},
{
"status": "affected",
"version": "2.3.3.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.3.4-HF1"
},
{
"status": "affected",
"version": "2.3.4.0"
},
{
"status": "affected",
"version": "2.3.3.5"
},
{
"status": "affected",
"version": "2.3.3.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.4.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.4.3"
},
{
"status": "affected",
"version": "2.3.4.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.6"
},
{
"status": "affected",
"version": "2.3.5.0"
},
{
"status": "affected",
"version": "2.3.3.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.0-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.3.7"
},
{
"status": "affected",
"version": "2.3.3.7-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.7-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.6.0"
},
{
"status": "affected",
"version": "2.3.3.6-70045-HF1"
},
{
"status": "affected",
"version": "2.3.3.7-72328-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.7-72323"
},
{
"status": "affected",
"version": "2.3.3.7-72328-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.3"
},
{
"status": "affected",
"version": "2.3.5.3-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.6.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.0"
},
{
"status": "affected",
"version": "2.3.7.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.0-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.4"
},
{
"status": "affected",
"version": "2.3.5.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.3"
},
{
"status": "affected",
"version": "2.3.7.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.3-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.5"
},
{
"status": "affected",
"version": "2.3.5.5-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.4"
},
{
"status": "affected",
"version": "2.3.7.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.6"
},
{
"status": "affected",
"version": "2.3.5.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.6"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF70"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF51"
},
{
"status": "affected",
"version": "2.3.5.6-70143-HF20"
},
{
"status": "affected",
"version": "2.3.7.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF52"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF53"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF71"
},
{
"status": "affected",
"version": "2.3.7.7"
},
{
"status": "affected",
"version": "2.3.7.7-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.7-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF72"
},
{
"status": "affected",
"version": "2.3.7.9"
},
{
"status": "affected",
"version": "2.3.7.9-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.9-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.9-70301-GSMU10"
},
{
"status": "affected",
"version": "2.3.7.9-70301-SMU1"
},
{
"status": "affected",
"version": "2.3.7.9-75403-SMU10"
},
{
"status": "affected",
"version": "2.3.7.9-75403-GSMU10"
},
{
"status": "affected",
"version": "2.3.5.3-EULA"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Catalyst Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device.\r\n\r\nThis vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of the web-based management interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-13T16:27:42.137Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-dnac-xss-weXtVZ59",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-xss-weXtVZ59"
}
],
"source": {
"advisory": "cisco-sa-dnac-xss-weXtVZ59",
"defects": [
"CSCwn51440"
],
"discovery": "INTERNAL"
},
"title": "Cisco Catalyst Center Cross-Site Scripting Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20353",
"datePublished": "2025-11-13T16:18:12.708Z",
"dateReserved": "2024-10-10T19:15:13.257Z",
"dateUpdated": "2025-11-13T17:11:16.452Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20349 (GCVE-0-2025-20349)
Vulnerability from cvelistv5 – Published: 2025-11-13 16:18 – Updated: 2025-11-14 04:55
VLAI?
Summary
A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote attacker to execute arbitrary commands in a restricted container as the root user.
This vulnerability is due to insufficient validation of user-supplied input in REST API request parameters. An attacker could exploit this vulnerability by sending a crafted API request to an affected device. A successful exploit could allow the attacker to inject arbitrary commands that would then be executed in a restricted container with root privileges. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Observer.
Severity ?
6.3 (Medium)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Digital Network Architecture Center (DNA Center) |
Affected:
1.4.0.0
Affected: 2.1.1.0 Affected: 2.1.1.3 Affected: 2.1.2.0 Affected: 2.1.2.3 Affected: 2.1.2.4 Affected: 2.1.2.5 Affected: 2.2.1.0 Affected: 2.1.2.6 Affected: 2.2.2.0 Affected: 2.2.2.1 Affected: 2.2.2.3 Affected: 2.1.2.7 Affected: 2.2.1.3 Affected: 2.2.3.0 Affected: 2.2.2.4 Affected: 2.2.2.5 Affected: 2.2.3.3 Affected: 2.2.2.7 Affected: 2.2.2.6 Affected: 2.2.2.8 Affected: 2.2.3.4 Affected: 2.1.2.8 Affected: 2.3.2.1 Affected: 2.3.2.1-AIRGAP Affected: 2.3.2.1-AIRGAP-CA Affected: 2.2.3.5 Affected: 2.3.3.0 Affected: 2.3.3.3 Affected: 2.3.3.1-AIRGAP Affected: 2.3.3.1 Affected: 2.3.2.3 Affected: 2.3.3.3-AIRGAP Affected: 2.2.3.6 Affected: 2.2.2.9 Affected: 2.3.3.0-AIRGAP Affected: 2.3.3.3-AIRGAP-CA Affected: 2.3.3.4 Affected: 2.3.3.4-AIRGAP Affected: 2.3.3.4-AIRGAP-MDNAC Affected: 2.3.3.4-HF1 Affected: 2.3.4.0 Affected: 2.3.3.5 Affected: 2.3.3.5-AIRGAP Affected: 2.3.4.0-AIRGAP Affected: 2.3.4.3 Affected: 2.3.4.3-AIRGAP Affected: 2.3.3.6 Affected: 2.3.5.0 Affected: 2.3.3.6-AIRGAP Affected: 2.3.5.0-AIRGAP Affected: 2.3.3.6-AIRGAP-MDNAC Affected: 2.3.5.0-AIRGAP-MDNAC Affected: 2.3.3.7 Affected: 2.3.3.7-AIRGAP Affected: 2.3.3.7-AIRGAP-MDNAC Affected: 2.3.6.0 Affected: 2.3.3.6-70045-HF1 Affected: 2.3.3.7-72328-AIRGAP Affected: 2.3.3.7-72323 Affected: 2.3.3.7-72328-MDNAC Affected: 2.3.5.3 Affected: 2.3.5.3-AIRGAP-MDNAC Affected: 2.3.5.3-AIRGAP Affected: 2.3.6.0-AIRGAP Affected: 2.3.7.0 Affected: 2.3.7.0-AIRGAP Affected: 2.3.7.0-AIRGAP-MDNAC Affected: 2.3.7.0-VA Affected: 2.3.5.4 Affected: 2.3.5.4-AIRGAP Affected: 2.3.5.4-AIRGAP-MDNAC Affected: 2.3.7.3 Affected: 2.3.7.3-AIRGAP Affected: 2.3.7.3-AIRGAP-MDNAC Affected: 2.3.5.5-AIRGAP Affected: 2.3.5.5 Affected: 2.3.5.5-AIRGAP-MDNAC Affected: 2.3.7.4 Affected: 2.3.7.4-AIRGAP Affected: 2.3.7.4-AIRGAP-MDNAC Affected: 2.3.7.5-AIRGAP Affected: 2.3.7.5-VA Affected: 2.3.5.6-AIRGAP Affected: 2.3.5.6 Affected: 2.3.5.6-AIRGAP-MDNAC Affected: 1.0.0.0 Affected: 2.3.7.6-AIRGAP Affected: 2.3.7.6 Affected: 2.3.7.6-VA Affected: 2.3.5.5-70026-HF70 Affected: 2.3.5.5-70026-HF51 Affected: 2.3.5.6-70143-HF20 Affected: 2.3.7.6-AIRGAP-MDNAC Affected: 2.3.5.5-70026-HF52 Affected: 2.3.5.5-70026-HF53 Affected: 2.3.5.5-70026-HF71 Affected: 2.3.7.7 Affected: 2.3.7.7-VA Affected: 2.3.7.7-AIRGAP Affected: 2.3.7.7-AIRGAP-MDNAC Affected: 2.3.5.5-70026-HF72 Affected: 2.3.7.9-VA Affected: 2.3.7.9 Affected: 2.3.7.9-AIRGAP Affected: 2.3.7.9-AIRGAP-MDNAC Affected: 2.3.7.9-70301-SMU1 Affected: 2.3.5.3-EULA Affected: 0.0.0.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20349",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-13T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-14T04:55:36.331Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Digital Network Architecture Center (DNA Center)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "1.4.0.0"
},
{
"status": "affected",
"version": "2.1.1.0"
},
{
"status": "affected",
"version": "2.1.1.3"
},
{
"status": "affected",
"version": "2.1.2.0"
},
{
"status": "affected",
"version": "2.1.2.3"
},
{
"status": "affected",
"version": "2.1.2.4"
},
{
"status": "affected",
"version": "2.1.2.5"
},
{
"status": "affected",
"version": "2.2.1.0"
},
{
"status": "affected",
"version": "2.1.2.6"
},
{
"status": "affected",
"version": "2.2.2.0"
},
{
"status": "affected",
"version": "2.2.2.1"
},
{
"status": "affected",
"version": "2.2.2.3"
},
{
"status": "affected",
"version": "2.1.2.7"
},
{
"status": "affected",
"version": "2.2.1.3"
},
{
"status": "affected",
"version": "2.2.3.0"
},
{
"status": "affected",
"version": "2.2.2.4"
},
{
"status": "affected",
"version": "2.2.2.5"
},
{
"status": "affected",
"version": "2.2.3.3"
},
{
"status": "affected",
"version": "2.2.2.7"
},
{
"status": "affected",
"version": "2.2.2.6"
},
{
"status": "affected",
"version": "2.2.2.8"
},
{
"status": "affected",
"version": "2.2.3.4"
},
{
"status": "affected",
"version": "2.1.2.8"
},
{
"status": "affected",
"version": "2.3.2.1"
},
{
"status": "affected",
"version": "2.3.2.1-AIRGAP"
},
{
"status": "affected",
"version": "2.3.2.1-AIRGAP-CA"
},
{
"status": "affected",
"version": "2.2.3.5"
},
{
"status": "affected",
"version": "2.3.3.0"
},
{
"status": "affected",
"version": "2.3.3.3"
},
{
"status": "affected",
"version": "2.3.3.1-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.1"
},
{
"status": "affected",
"version": "2.3.2.3"
},
{
"status": "affected",
"version": "2.3.3.3-AIRGAP"
},
{
"status": "affected",
"version": "2.2.3.6"
},
{
"status": "affected",
"version": "2.2.2.9"
},
{
"status": "affected",
"version": "2.3.3.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.3-AIRGAP-CA"
},
{
"status": "affected",
"version": "2.3.3.4"
},
{
"status": "affected",
"version": "2.3.3.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.3.4-HF1"
},
{
"status": "affected",
"version": "2.3.4.0"
},
{
"status": "affected",
"version": "2.3.3.5"
},
{
"status": "affected",
"version": "2.3.3.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.4.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.4.3"
},
{
"status": "affected",
"version": "2.3.4.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.6"
},
{
"status": "affected",
"version": "2.3.5.0"
},
{
"status": "affected",
"version": "2.3.3.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.0-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.3.7"
},
{
"status": "affected",
"version": "2.3.3.7-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.7-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.6.0"
},
{
"status": "affected",
"version": "2.3.3.6-70045-HF1"
},
{
"status": "affected",
"version": "2.3.3.7-72328-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.7-72323"
},
{
"status": "affected",
"version": "2.3.3.7-72328-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.3"
},
{
"status": "affected",
"version": "2.3.5.3-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.6.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.0"
},
{
"status": "affected",
"version": "2.3.7.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.0-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.0-VA"
},
{
"status": "affected",
"version": "2.3.5.4"
},
{
"status": "affected",
"version": "2.3.5.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.3"
},
{
"status": "affected",
"version": "2.3.7.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.3-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.5"
},
{
"status": "affected",
"version": "2.3.5.5-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.4"
},
{
"status": "affected",
"version": "2.3.7.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.5-VA"
},
{
"status": "affected",
"version": "2.3.5.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.6"
},
{
"status": "affected",
"version": "2.3.5.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "1.0.0.0"
},
{
"status": "affected",
"version": "2.3.7.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.6"
},
{
"status": "affected",
"version": "2.3.7.6-VA"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF70"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF51"
},
{
"status": "affected",
"version": "2.3.5.6-70143-HF20"
},
{
"status": "affected",
"version": "2.3.7.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF52"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF53"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF71"
},
{
"status": "affected",
"version": "2.3.7.7"
},
{
"status": "affected",
"version": "2.3.7.7-VA"
},
{
"status": "affected",
"version": "2.3.7.7-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.7-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF72"
},
{
"status": "affected",
"version": "2.3.7.9-VA"
},
{
"status": "affected",
"version": "2.3.7.9"
},
{
"status": "affected",
"version": "2.3.7.9-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.9-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.9-70301-SMU1"
},
{
"status": "affected",
"version": "2.3.5.3-EULA"
},
{
"status": "affected",
"version": "0.0.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote attacker to execute arbitrary commands in a restricted container as the root user.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input in REST API request parameters. An attacker could exploit this vulnerability by sending a crafted API request to an affected device. A successful exploit could allow the attacker to inject arbitrary commands that would then be executed in a restricted container with root privileges. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Observer."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-13T16:27:31.359Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-dnac-ci-ZWLQVSwT",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-ci-ZWLQVSwT"
}
],
"source": {
"advisory": "cisco-sa-dnac-ci-ZWLQVSwT",
"defects": [
"CSCwo77762"
],
"discovery": "INTERNAL"
},
"title": "Cisco DNA Center API Command Injection Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20349",
"datePublished": "2025-11-13T16:18:03.689Z",
"dateReserved": "2024-10-10T19:15:13.257Z",
"dateUpdated": "2025-11-14T04:55:36.331Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20223 (GCVE-0-2025-20223)
Vulnerability from cvelistv5 – Published: 2025-05-07 17:37 – Updated: 2025-05-07 19:42
VLAI?
Summary
A vulnerability in Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated, remote attacker to read and modify data in a repository that belongs to an internal service of an affected device.
This vulnerability is due to insufficient enforcement of access control on HTTP requests. An attacker could exploit this vulnerability by submitting a crafted HTTP request to an affected device. A successful exploit could allow the attacker to read and modify data that is handled by an internal service on the affected device.
Severity ?
4.7 (Medium)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Digital Network Architecture Center (DNA Center) |
Affected:
N/A
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20223",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-07T18:55:55.249266Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-07T19:42:38.775Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Digital Network Architecture Center (DNA Center)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated, remote attacker to read and modify data in a repository that belongs to an internal service of an affected device.\r\n\r This vulnerability is due to insufficient enforcement of access control on HTTP requests. An attacker could exploit this vulnerability by submitting a crafted HTTP request to an affected device. A successful exploit could allow the attacker to read and modify data that is handled by an internal service on the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Control",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-07T17:37:26.454Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-catc-insec-acc-mtt8EhEb",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catc-insec-acc-mtt8EhEb"
}
],
"source": {
"advisory": "cisco-sa-catc-insec-acc-mtt8EhEb",
"defects": [
"CSCwk27721"
],
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20223",
"datePublished": "2025-05-07T17:37:26.454Z",
"dateReserved": "2024-10-10T19:15:13.235Z",
"dateUpdated": "2025-05-07T19:42:38.775Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20210 (GCVE-0-2025-20210)
Vulnerability from cvelistv5 – Published: 2025-05-07 17:16 – Updated: 2025-05-07 19:48
VLAI?
Summary
A vulnerability in the management API of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker to read and modify the outgoing proxy configuration settings.
This vulnerability is due to the lack of authentication in an API endpoint. An attacker could exploit this vulnerability by sending a request to the affected API of a Catalyst Center device. A successful exploit could allow the attacker to view or modify the outgoing proxy configuration, which could disrupt internet traffic from Cisco Catalyst Center or may allow the attacker to intercept outbound internet traffic.
Severity ?
7.3 (High)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Digital Network Architecture Center (DNA Center) |
Affected:
2.1.1.0
Affected: 2.1.1.3 Affected: 2.1.2.0 Affected: 2.1.2.3 Affected: 2.1.2.4 Affected: 2.1.2.5 Affected: 2.2.1.0 Affected: 2.1.2.6 Affected: 2.2.2.0 Affected: 2.2.2.1 Affected: 2.2.2.3 Affected: 2.1.2.7 Affected: 2.2.1.3 Affected: 2.2.3.0 Affected: 2.2.2.4 Affected: 2.2.2.5 Affected: 2.2.3.3 Affected: 2.2.2.7 Affected: 2.2.2.6 Affected: 2.2.2.8 Affected: 2.2.3.4 Affected: 2.1.2.8 Affected: 2.3.2.1 Affected: 2.3.2.1-AIRGAP Affected: 2.3.2.1-AIRGAP-CA Affected: 2.2.3.5 Affected: 2.3.3.0 Affected: 2.3.3.3 Affected: 2.3.3.1-AIRGAP Affected: 2.3.3.1 Affected: 2.3.2.3 Affected: 2.3.3.3-AIRGAP Affected: 2.2.3.6 Affected: 2.2.2.9 Affected: 2.3.3.0-AIRGAP Affected: 2.3.3.3-AIRGAP-CA Affected: 2.3.3.4 Affected: 2.3.3.4-AIRGAP Affected: 2.3.3.4-AIRGAP-MDNAC Affected: 2.3.3.4-HF1 Affected: 2.3.4.0 Affected: 2.3.3.5 Affected: 2.3.3.5-AIRGAP Affected: 2.3.4.0-AIRGAP Affected: 2.3.4.3 Affected: 2.3.4.3-AIRGAP Affected: 2.3.3.6 Affected: 2.3.5.0 Affected: 2.3.3.6-AIRGAP Affected: 2.3.5.0-AIRGAP Affected: 2.3.3.6-AIRGAP-MDNAC Affected: 2.3.5.0-AIRGAP-MDNAC Affected: 2.3.3.7 Affected: 2.3.3.7-AIRGAP Affected: 2.3.3.7-AIRGAP-MDNAC Affected: 2.3.6.0 Affected: 2.3.3.6-70045-HF1 Affected: 2.3.3.7-72328-AIRGAP Affected: 2.3.3.7-72323 Affected: 2.3.3.7-72328-MDNAC Affected: 2.3.5.3 Affected: 2.3.5.3-AIRGAP-MDNAC Affected: 2.3.5.3-AIRGAP Affected: 2.3.6.0-AIRGAP Affected: 2.3.7.0 Affected: 2.3.7.0-AIRGAP Affected: 2.3.7.0-AIRGAP-MDNAC Affected: 2.3.7.0-VA Affected: 2.3.5.4 Affected: 2.3.5.4-AIRGAP Affected: 2.3.5.4-AIRGAP-MDNAC Affected: 2.3.7.3 Affected: 2.3.7.3-AIRGAP Affected: 2.3.7.3-AIRGAP-MDNAC Affected: 2.3.5.5-AIRGAP Affected: 2.3.5.5 Affected: 2.3.5.5-AIRGAP-MDNAC Affected: 2.3.7.4 Affected: 2.3.7.4-AIRGAP Affected: 2.3.7.4-AIRGAP-MDNAC Affected: 2.3.7.5-AIRGAP Affected: 2.3.7.5-VA Affected: 2.3.5.6-AIRGAP Affected: 2.3.5.6 Affected: 2.3.5.6-AIRGAP-MDNAC Affected: 2.3.7.6-AIRGAP Affected: 2.3.7.6 Affected: 2.3.7.6-VA Affected: 2.3.5.5-70026-HF70 Affected: 2.3.5.5-70026-HF51 Affected: 2.3.5.6-70143-HF20 Affected: 2.3.7.6-AIRGAP-MDNAC Affected: 2.3.5.5-70026-HF52 Affected: 2.3.5.5-70026-HF53 Affected: 2.3.5.5-70026-HF71 Affected: 2.3.7.7 Affected: 2.3.7.7-VA Affected: 2.3.7.7-AIRGAP Affected: 2.3.7.7-AIRGAP-MDNAC Affected: 2.3.5.5-70026-HF72 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20210",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-07T18:57:07.111143Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-07T19:48:12.129Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Digital Network Architecture Center (DNA Center)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "2.1.1.0"
},
{
"status": "affected",
"version": "2.1.1.3"
},
{
"status": "affected",
"version": "2.1.2.0"
},
{
"status": "affected",
"version": "2.1.2.3"
},
{
"status": "affected",
"version": "2.1.2.4"
},
{
"status": "affected",
"version": "2.1.2.5"
},
{
"status": "affected",
"version": "2.2.1.0"
},
{
"status": "affected",
"version": "2.1.2.6"
},
{
"status": "affected",
"version": "2.2.2.0"
},
{
"status": "affected",
"version": "2.2.2.1"
},
{
"status": "affected",
"version": "2.2.2.3"
},
{
"status": "affected",
"version": "2.1.2.7"
},
{
"status": "affected",
"version": "2.2.1.3"
},
{
"status": "affected",
"version": "2.2.3.0"
},
{
"status": "affected",
"version": "2.2.2.4"
},
{
"status": "affected",
"version": "2.2.2.5"
},
{
"status": "affected",
"version": "2.2.3.3"
},
{
"status": "affected",
"version": "2.2.2.7"
},
{
"status": "affected",
"version": "2.2.2.6"
},
{
"status": "affected",
"version": "2.2.2.8"
},
{
"status": "affected",
"version": "2.2.3.4"
},
{
"status": "affected",
"version": "2.1.2.8"
},
{
"status": "affected",
"version": "2.3.2.1"
},
{
"status": "affected",
"version": "2.3.2.1-AIRGAP"
},
{
"status": "affected",
"version": "2.3.2.1-AIRGAP-CA"
},
{
"status": "affected",
"version": "2.2.3.5"
},
{
"status": "affected",
"version": "2.3.3.0"
},
{
"status": "affected",
"version": "2.3.3.3"
},
{
"status": "affected",
"version": "2.3.3.1-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.1"
},
{
"status": "affected",
"version": "2.3.2.3"
},
{
"status": "affected",
"version": "2.3.3.3-AIRGAP"
},
{
"status": "affected",
"version": "2.2.3.6"
},
{
"status": "affected",
"version": "2.2.2.9"
},
{
"status": "affected",
"version": "2.3.3.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.3-AIRGAP-CA"
},
{
"status": "affected",
"version": "2.3.3.4"
},
{
"status": "affected",
"version": "2.3.3.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.3.4-HF1"
},
{
"status": "affected",
"version": "2.3.4.0"
},
{
"status": "affected",
"version": "2.3.3.5"
},
{
"status": "affected",
"version": "2.3.3.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.4.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.4.3"
},
{
"status": "affected",
"version": "2.3.4.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.6"
},
{
"status": "affected",
"version": "2.3.5.0"
},
{
"status": "affected",
"version": "2.3.3.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.0-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.3.7"
},
{
"status": "affected",
"version": "2.3.3.7-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.7-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.6.0"
},
{
"status": "affected",
"version": "2.3.3.6-70045-HF1"
},
{
"status": "affected",
"version": "2.3.3.7-72328-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.7-72323"
},
{
"status": "affected",
"version": "2.3.3.7-72328-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.3"
},
{
"status": "affected",
"version": "2.3.5.3-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.6.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.0"
},
{
"status": "affected",
"version": "2.3.7.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.0-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.0-VA"
},
{
"status": "affected",
"version": "2.3.5.4"
},
{
"status": "affected",
"version": "2.3.5.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.3"
},
{
"status": "affected",
"version": "2.3.7.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.3-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.5"
},
{
"status": "affected",
"version": "2.3.5.5-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.4"
},
{
"status": "affected",
"version": "2.3.7.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.5-VA"
},
{
"status": "affected",
"version": "2.3.5.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.6"
},
{
"status": "affected",
"version": "2.3.5.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.6"
},
{
"status": "affected",
"version": "2.3.7.6-VA"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF70"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF51"
},
{
"status": "affected",
"version": "2.3.5.6-70143-HF20"
},
{
"status": "affected",
"version": "2.3.7.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF52"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF53"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF71"
},
{
"status": "affected",
"version": "2.3.7.7"
},
{
"status": "affected",
"version": "2.3.7.7-VA"
},
{
"status": "affected",
"version": "2.3.7.7-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.7-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF72"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the management API of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker to read and modify the outgoing proxy configuration settings.\r\n\r\nThis vulnerability is due to the lack of authentication in an API endpoint. An attacker could exploit this vulnerability by sending a request to the affected API of a Catalyst Center device. A successful exploit could allow the attacker to view or modify the outgoing proxy configuration, which could disrupt internet traffic from Cisco Catalyst Center or may allow the attacker to intercept outbound internet traffic."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "Missing Authentication for Critical Function",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-07T17:16:52.708Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-dnac-api-nBPZcJCM",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-api-nBPZcJCM"
}
],
"source": {
"advisory": "cisco-sa-dnac-api-nBPZcJCM",
"defects": [
"CSCwn10252"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Catalyst Center Unprotected API Endpoint"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20210",
"datePublished": "2025-05-07T17:16:52.708Z",
"dateReserved": "2024-10-10T19:15:13.231Z",
"dateUpdated": "2025-05-07T19:48:12.129Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20350 (GCVE-0-2024-20350)
Vulnerability from cvelistv5 – Published: 2024-09-25 16:19 – Updated: 2024-09-27 03:55
VLAI?
Summary
A vulnerability in the SSH server of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker to impersonate a Cisco Catalyst Center appliance.
This vulnerability is due to the presence of a static SSH host key. An attacker could exploit this vulnerability by performing a machine-in-the-middle attack on SSH connections, which could allow the attacker to intercept traffic between SSH clients and a Cisco Catalyst Center appliance. A successful exploit could allow the attacker to impersonate the affected appliance, inject commands into the terminal session, and steal valid user credentials.
Severity ?
7.5 (High)
CWE
- CWE-321 - Use of Hard-coded Cryptographic Key
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Digital Network Architecture Center (DNA Center) |
Affected:
1.4.0.0
Affected: 2.1.1.0 Affected: 2.1.1.3 Affected: 2.1.2.0 Affected: 2.1.2.3 Affected: 2.1.2.4 Affected: 2.1.2.5 Affected: 2.2.1.0 Affected: 2.1.2.6 Affected: 2.2.2.0 Affected: 2.2.2.1 Affected: 2.2.2.3 Affected: 2.1.2.7 Affected: 2.2.1.3 Affected: 2.2.3.0 Affected: 2.2.2.4 Affected: 2.2.2.5 Affected: 2.2.3.3 Affected: 2.2.2.7 Affected: 2.2.2.6 Affected: 2.2.2.8 Affected: 2.2.3.4 Affected: 2.1.2.8 Affected: 2.3.2.1 Affected: 2.3.2.1-AIRGAP Affected: 2.3.2.1-AIRGAP-CA Affected: 2.2.3.5 Affected: 2.3.3.0 Affected: 2.3.3.3 Affected: 2.3.3.1-AIRGAP Affected: 2.3.3.1 Affected: 2.3.2.3 Affected: 2.3.3.3-AIRGAP Affected: 2.2.3.6 Affected: 2.2.2.9 Affected: 2.3.3.0-AIRGAP Affected: 2.3.3.3-AIRGAP-CA Affected: 2.3.3.4 Affected: 2.3.3.4-AIRGAP Affected: 2.3.3.4-AIRGAP-MDNAC Affected: 2.3.3.4-HF1 Affected: 2.3.4.0 Affected: 2.3.3.5 Affected: 2.3.3.5-AIRGAP Affected: 2.3.4.0-AIRGAP Affected: 2.3.4.3 Affected: 2.3.4.3-AIRGAP Affected: 2.3.3.6 Affected: 2.3.5.0 Affected: 2.3.3.6-AIRGAP Affected: 2.3.5.0-AIRGAP Affected: 2.3.3.6-AIRGAP-MDNAC Affected: 2.3.5.0-AIRGAP-MDNAC Affected: 2.3.3.7 Affected: 2.3.3.7-AIRGAP Affected: 2.3.3.7-AIRGAP-MDNAC Affected: 2.3.6.0 Affected: 2.3.3.6-70045-HF1 Affected: 2.3.3.7-72328-AIRGAP Affected: 2.3.3.7-72323 Affected: 2.3.3.7-72328-MDNAC Affected: 2.3.5.3 Affected: 2.3.5.3-AIRGAP-MDNAC Affected: 2.3.5.3-AIRGAP Affected: 2.3.6.0-AIRGAP Affected: 2.3.7.0 Affected: 2.3.7.0-AIRGAP Affected: 2.3.7.0-AIRGAP-MDNAC Affected: 2.3.7.0-VA Affected: 2.3.5.4 Affected: 2.3.5.4-AIRGAP Affected: 2.3.5.4-AIRGAP-MDNAC Affected: 2.3.7.3 Affected: 2.3.7.3-AIRGAP Affected: 2.3.7.3-AIRGAP-MDNAC Affected: 2.3.5.5-AIRGAP Affected: 2.3.5.5 Affected: 2.3.5.5-AIRGAP-MDNAC Affected: 2.3.7.4 Affected: 2.3.7.4-AIRGAP Affected: 2.3.7.4-AIRGAP-MDNAC Affected: 1.0.0.0 Affected: 2.3.5.5-70026-HF70 Affected: 2.3.5.5-70026-HF51 Affected: 2.3.5.5-70026-HF52 Affected: 2.3.5.5-70026-HF53 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:cisco:digital_network_architecture_center:1.4.0.0:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.1.1.0:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.1.1.3:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.1.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.1.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.1.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.1.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.2.1.0:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.1.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.2.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.2.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.2.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.1.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.2.1.3:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.2.3.0:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.2.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.2.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.2.3.3:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.2.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.2.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.2.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.2.3.4:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.1.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.2.1-airgap:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.2.1-airgap-ca:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.2.3.5:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.0:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.3:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.1-airgap:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.1:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.3-airgap:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.2.3.6:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.2.2.9:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.0-airgap:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.3-airgap-ca:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.4:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.4-airgap:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.4-airgap-mdnac:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.4-hf1:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.5:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.5-airgap:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.4.0-airgap:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.4.3-airgap:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.6:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.0:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.6-airgap:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.0-airgap:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.6-airgap-mdnac:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.0-airgap-mdnac:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.7:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.7-airgap:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.7-airgap-mdnac:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.6.0:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.6-70045-hf1:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.7-72328-airgap:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.7-72323:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.7-72328-mdnac:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.3:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.3-airgap-mdnac:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.3-airgap:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.6.0-airgap:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.0:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.0-airgap:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.0-airgap-mdnac:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.0-va:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.4:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.4-airgap:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.4-airgap-mdnac:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.3:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.3-airgap:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.3-airgap-mdnac:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.5-airgap:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.5:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.5-airgap-mdnac:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.4:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.4-airgap:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.4-airgap-mdnac:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:1.0.0.0:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.5-70026-hf70:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.5-70026-hf51:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.5-70026-hf52:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.5-70026-hf53:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "digital_network_architecture_center",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "1.4.0.0"
},
{
"status": "affected",
"version": "2.1.1.0"
},
{
"status": "affected",
"version": "2.1.1.3"
},
{
"status": "affected",
"version": "2.1.2.0"
},
{
"status": "affected",
"version": "2.1.2.3"
},
{
"status": "affected",
"version": "2.1.2.4"
},
{
"status": "affected",
"version": "2.1.2.5"
},
{
"status": "affected",
"version": "2.2.1.0"
},
{
"status": "affected",
"version": "2.1.2.6"
},
{
"status": "affected",
"version": "2.2.2.0"
},
{
"status": "affected",
"version": "2.2.2.1"
},
{
"status": "affected",
"version": "2.2.2.3"
},
{
"status": "affected",
"version": "2.1.2.7"
},
{
"status": "affected",
"version": "2.2.1.3"
},
{
"status": "affected",
"version": "2.2.3.0"
},
{
"status": "affected",
"version": "2.2.2.4"
},
{
"status": "affected",
"version": "2.2.2.5"
},
{
"status": "affected",
"version": "2.2.3.3"
},
{
"status": "affected",
"version": "2.2.2.7"
},
{
"status": "affected",
"version": "2.2.2.6"
},
{
"status": "affected",
"version": "2.2.2.8"
},
{
"status": "affected",
"version": "2.2.3.4"
},
{
"status": "affected",
"version": "2.1.2.8"
},
{
"status": "affected",
"version": "2.3.2.1"
},
{
"status": "affected",
"version": "2.3.2.1-airgap"
},
{
"status": "affected",
"version": "2.3.2.1-airgap-ca"
},
{
"status": "affected",
"version": "2.2.3.5"
},
{
"status": "affected",
"version": "2.3.3.0"
},
{
"status": "affected",
"version": "2.3.3.3"
},
{
"status": "affected",
"version": "2.3.3.1-airgap"
},
{
"status": "affected",
"version": "2.3.3.1"
},
{
"status": "affected",
"version": "2.3.2.3"
},
{
"status": "affected",
"version": "2.3.3.3-airgap"
},
{
"status": "affected",
"version": "2.2.3.6"
},
{
"status": "affected",
"version": "2.2.2.9"
},
{
"status": "affected",
"version": "2.3.3.0-airgap"
},
{
"status": "affected",
"version": "2.3.3.3-airgap-ca"
},
{
"status": "affected",
"version": "2.3.3.4"
},
{
"status": "affected",
"version": "2.3.3.4-airgap"
},
{
"status": "affected",
"version": "2.3.3.4-airgap-mdnac"
},
{
"status": "affected",
"version": "2.3.3.4-hf1"
},
{
"status": "affected",
"version": "2.3.4.0"
},
{
"status": "affected",
"version": "2.3.3.5"
},
{
"status": "affected",
"version": "2.3.3.5-airgap"
},
{
"status": "affected",
"version": "2.3.4.0-airgap"
},
{
"status": "affected",
"version": "2.3.4.3"
},
{
"status": "affected",
"version": "2.3.4.3-airgap"
},
{
"status": "affected",
"version": "2.3.3.6"
},
{
"status": "affected",
"version": "2.3.5.0"
},
{
"status": "affected",
"version": "2.3.3.6-airgap"
},
{
"status": "affected",
"version": "2.3.5.0-airgap"
},
{
"status": "affected",
"version": "2.3.3.6-airgap-mdnac"
},
{
"status": "affected",
"version": "2.3.5.0-airgap-mdnac"
},
{
"status": "affected",
"version": "2.3.3.7"
},
{
"status": "affected",
"version": "2.3.3.7-airgap"
},
{
"status": "affected",
"version": "2.3.3.7-airgap-mdnac"
},
{
"status": "affected",
"version": "2.3.6.0"
},
{
"status": "affected",
"version": "2.3.3.6-70045-hf1"
},
{
"status": "affected",
"version": "2.3.3.7-72328-airgap"
},
{
"status": "affected",
"version": "2.3.3.7-72323"
},
{
"status": "affected",
"version": "2.3.3.7-72328-mdnac"
},
{
"status": "affected",
"version": "2.3.5.3"
},
{
"status": "affected",
"version": "2.3.5.3-airgap-mdnac"
},
{
"status": "affected",
"version": "2.3.5.3-airgap"
},
{
"status": "affected",
"version": "2.3.6.0-airgap"
},
{
"status": "affected",
"version": "2.3.7.0"
},
{
"status": "affected",
"version": "2.3.7.0-airgap"
},
{
"status": "affected",
"version": "2.3.7.0-airgap-mdnac"
},
{
"status": "affected",
"version": "2.3.7.0-va"
},
{
"status": "affected",
"version": "2.3.5.4"
},
{
"status": "affected",
"version": "2.3.5.4-airgap"
},
{
"status": "affected",
"version": "2.3.5.4-airgap-mdnac"
},
{
"status": "affected",
"version": "2.3.7.3"
},
{
"status": "affected",
"version": "2.3.7.3-airgap"
},
{
"status": "affected",
"version": "2.3.7.3-airgap-mdnac"
},
{
"status": "affected",
"version": "2.3.5.5-airgap"
},
{
"status": "affected",
"version": "2.3.5.5"
},
{
"status": "affected",
"version": "2.3.5.5-airgap-mdnac"
},
{
"status": "affected",
"version": "2.3.7.4"
},
{
"status": "affected",
"version": "2.3.7.4-airgap"
},
{
"status": "affected",
"version": "2.3.7.4-airgap-mdnac"
},
{
"status": "affected",
"version": "1.0.0.0"
},
{
"status": "affected",
"version": "2.3.5.5-70026-hf70"
},
{
"status": "affected",
"version": "2.3.5.5-70026-hf51"
},
{
"status": "affected",
"version": "2.3.5.5-70026-hf52"
},
{
"status": "affected",
"version": "2.3.5.5-70026-hf53"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20350",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T03:55:13.779Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Digital Network Architecture Center (DNA Center)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "1.4.0.0"
},
{
"status": "affected",
"version": "2.1.1.0"
},
{
"status": "affected",
"version": "2.1.1.3"
},
{
"status": "affected",
"version": "2.1.2.0"
},
{
"status": "affected",
"version": "2.1.2.3"
},
{
"status": "affected",
"version": "2.1.2.4"
},
{
"status": "affected",
"version": "2.1.2.5"
},
{
"status": "affected",
"version": "2.2.1.0"
},
{
"status": "affected",
"version": "2.1.2.6"
},
{
"status": "affected",
"version": "2.2.2.0"
},
{
"status": "affected",
"version": "2.2.2.1"
},
{
"status": "affected",
"version": "2.2.2.3"
},
{
"status": "affected",
"version": "2.1.2.7"
},
{
"status": "affected",
"version": "2.2.1.3"
},
{
"status": "affected",
"version": "2.2.3.0"
},
{
"status": "affected",
"version": "2.2.2.4"
},
{
"status": "affected",
"version": "2.2.2.5"
},
{
"status": "affected",
"version": "2.2.3.3"
},
{
"status": "affected",
"version": "2.2.2.7"
},
{
"status": "affected",
"version": "2.2.2.6"
},
{
"status": "affected",
"version": "2.2.2.8"
},
{
"status": "affected",
"version": "2.2.3.4"
},
{
"status": "affected",
"version": "2.1.2.8"
},
{
"status": "affected",
"version": "2.3.2.1"
},
{
"status": "affected",
"version": "2.3.2.1-AIRGAP"
},
{
"status": "affected",
"version": "2.3.2.1-AIRGAP-CA"
},
{
"status": "affected",
"version": "2.2.3.5"
},
{
"status": "affected",
"version": "2.3.3.0"
},
{
"status": "affected",
"version": "2.3.3.3"
},
{
"status": "affected",
"version": "2.3.3.1-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.1"
},
{
"status": "affected",
"version": "2.3.2.3"
},
{
"status": "affected",
"version": "2.3.3.3-AIRGAP"
},
{
"status": "affected",
"version": "2.2.3.6"
},
{
"status": "affected",
"version": "2.2.2.9"
},
{
"status": "affected",
"version": "2.3.3.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.3-AIRGAP-CA"
},
{
"status": "affected",
"version": "2.3.3.4"
},
{
"status": "affected",
"version": "2.3.3.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.3.4-HF1"
},
{
"status": "affected",
"version": "2.3.4.0"
},
{
"status": "affected",
"version": "2.3.3.5"
},
{
"status": "affected",
"version": "2.3.3.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.4.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.4.3"
},
{
"status": "affected",
"version": "2.3.4.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.6"
},
{
"status": "affected",
"version": "2.3.5.0"
},
{
"status": "affected",
"version": "2.3.3.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.0-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.3.7"
},
{
"status": "affected",
"version": "2.3.3.7-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.7-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.6.0"
},
{
"status": "affected",
"version": "2.3.3.6-70045-HF1"
},
{
"status": "affected",
"version": "2.3.3.7-72328-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.7-72323"
},
{
"status": "affected",
"version": "2.3.3.7-72328-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.3"
},
{
"status": "affected",
"version": "2.3.5.3-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.6.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.0"
},
{
"status": "affected",
"version": "2.3.7.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.0-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.0-VA"
},
{
"status": "affected",
"version": "2.3.5.4"
},
{
"status": "affected",
"version": "2.3.5.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.3"
},
{
"status": "affected",
"version": "2.3.7.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.3-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.5"
},
{
"status": "affected",
"version": "2.3.5.5-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.4"
},
{
"status": "affected",
"version": "2.3.7.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "1.0.0.0"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF70"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF51"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF52"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF53"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the SSH server of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker to impersonate a Cisco Catalyst Center appliance.\r\n\r\nThis vulnerability is due to the presence of a static SSH host key. An attacker could exploit this vulnerability by performing a machine-in-the-middle attack on SSH connections, which could allow the attacker to intercept traffic between SSH clients and a Cisco Catalyst Center appliance. A successful exploit could allow the attacker to impersonate the affected appliance, inject commands into the terminal session, and steal valid user credentials."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-321",
"description": "Use of Hard-coded Cryptographic Key",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T16:19:15.162Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-dnac-ssh-e4uOdASj",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-ssh-e4uOdASj"
}
],
"source": {
"advisory": "cisco-sa-dnac-ssh-e4uOdASj",
"defects": [
"CSCwi40467"
],
"discovery": "INTERNAL"
},
"title": "Cisco Catalyst Center Static SSH Host Key Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20350",
"datePublished": "2024-09-25T16:19:15.162Z",
"dateReserved": "2023-11-08T15:08:07.646Z",
"dateUpdated": "2024-09-27T03:55:13.779Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20333 (GCVE-0-2024-20333)
Vulnerability from cvelistv5 – Published: 2024-03-27 16:43 – Updated: 2024-08-01 21:59
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated, remote attacker to change specific data within the interface on an affected device.
This vulnerability is due to insufficient authorization enforcement. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to change a specific field within the web-based management interface, even though they should not have access to change that field.
Severity ?
4.3 (Medium)
CWE
- CWE-285 - Improper Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Digital Network Architecture Center (DNA Center) |
Affected:
2.1.2.0
Affected: 2.1.2.3 Affected: 2.1.2.4 Affected: 2.1.2.5 Affected: 2.1.2.6 Affected: 2.1.2.7 Affected: 2.1.2.8 Affected: 2.2.2.3 Affected: 2.2.1.3 Affected: 2.2.2.4 Affected: 2.2.2.5 Affected: 2.2.2.8 Affected: 2.2.3.4 Affected: 2.2.3.3 Affected: 2.2.2.6 Affected: 2.2.3.5 Affected: 2.2.2.9 Affected: 2.2.3.6 Affected: 2.3.3.4 Affected: 2.3.3.5 Affected: 2.3.3.6 Affected: 2.3.3.7 Affected: 2.3.5.3 Affected: VA Launchpad 1.2.1 Affected: VA Launchpad 1.3.0 Affected: VA Launchpad 1.5.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20333",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-27T19:47:40.981598Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:40:11.205Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:59:42.856Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-ccc-authz-bypass-5EKchJRb",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ccc-authz-bypass-5EKchJRb"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Digital Network Architecture Center (DNA Center)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "2.1.2.0"
},
{
"status": "affected",
"version": "2.1.2.3"
},
{
"status": "affected",
"version": "2.1.2.4"
},
{
"status": "affected",
"version": "2.1.2.5"
},
{
"status": "affected",
"version": "2.1.2.6"
},
{
"status": "affected",
"version": "2.1.2.7"
},
{
"status": "affected",
"version": "2.1.2.8"
},
{
"status": "affected",
"version": "2.2.2.3"
},
{
"status": "affected",
"version": "2.2.1.3"
},
{
"status": "affected",
"version": "2.2.2.4"
},
{
"status": "affected",
"version": "2.2.2.5"
},
{
"status": "affected",
"version": "2.2.2.8"
},
{
"status": "affected",
"version": "2.2.3.4"
},
{
"status": "affected",
"version": "2.2.3.3"
},
{
"status": "affected",
"version": "2.2.2.6"
},
{
"status": "affected",
"version": "2.2.3.5"
},
{
"status": "affected",
"version": "2.2.2.9"
},
{
"status": "affected",
"version": "2.2.3.6"
},
{
"status": "affected",
"version": "2.3.3.4"
},
{
"status": "affected",
"version": "2.3.3.5"
},
{
"status": "affected",
"version": "2.3.3.6"
},
{
"status": "affected",
"version": "2.3.3.7"
},
{
"status": "affected",
"version": "2.3.5.3"
},
{
"status": "affected",
"version": "VA Launchpad 1.2.1"
},
{
"status": "affected",
"version": "VA Launchpad 1.3.0"
},
{
"status": "affected",
"version": "VA Launchpad 1.5.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated, remote attacker to change specific data within the interface on an affected device.\r\n\r This vulnerability is due to insufficient authorization enforcement. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to change a specific field within the web-based management interface, even though they should not have access to change that field."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "Improper Authorization",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-27T16:43:33.371Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ccc-authz-bypass-5EKchJRb",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ccc-authz-bypass-5EKchJRb"
}
],
"source": {
"advisory": "cisco-sa-ccc-authz-bypass-5EKchJRb",
"defects": [
"CSCwd69988"
],
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20333",
"datePublished": "2024-03-27T16:43:33.371Z",
"dateReserved": "2023-11-08T15:08:07.641Z",
"dateUpdated": "2024-08-01T21:59:42.856Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20183 (GCVE-0-2023-20183)
Vulnerability from cvelistv5 – Published: 2023-05-18 00:00 – Updated: 2024-10-25 15:57
VLAI?
Summary
Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more information about these vulnerabilities, see the Details section of this advisory.
Severity ?
5.4 (Medium)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Digital Network Architecture Center (DNA Center) |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:05:35.013Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20230517 Cisco DNA Center Software API Vulnerabilities",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-multiple-kTQkGU3"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20183",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-25T14:34:10.554079Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T15:57:09.240Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Digital Network Architecture Center (DNA Center) ",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2023-05-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more information about these vulnerabilities, see the Details section of this advisory."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. "
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-18T00:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20230517 Cisco DNA Center Software API Vulnerabilities",
"tags": [
"vendor-advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-multiple-kTQkGU3"
}
],
"source": {
"advisory": "cisco-sa-dnac-multiple-kTQkGU3",
"defect": [
[
"CSCwd58359",
"CSCwd58450",
"CSCwd59863"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco DNA Center Software API Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20183",
"datePublished": "2023-05-18T00:00:00",
"dateReserved": "2022-10-27T00:00:00",
"dateUpdated": "2024-10-25T15:57:09.240Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20182 (GCVE-0-2023-20182)
Vulnerability from cvelistv5 – Published: 2023-05-18 00:00 – Updated: 2024-10-25 15:57
VLAI?
Summary
Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more information about these vulnerabilities, see the Details section of this advisory.
Severity ?
5.4 (Medium)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Digital Network Architecture Center (DNA Center) |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:05:35.868Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20230517 Cisco DNA Center Software API Vulnerabilities",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-multiple-kTQkGU3"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20182",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-25T14:34:11.905248Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T15:57:16.899Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Digital Network Architecture Center (DNA Center) ",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2023-05-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more information about these vulnerabilities, see the Details section of this advisory."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. "
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-18T00:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20230517 Cisco DNA Center Software API Vulnerabilities",
"tags": [
"vendor-advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-multiple-kTQkGU3"
}
],
"source": {
"advisory": "cisco-sa-dnac-multiple-kTQkGU3",
"defect": [
[
"CSCwd58359",
"CSCwd58450",
"CSCwd59863"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco DNA Center Software API Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20182",
"datePublished": "2023-05-18T00:00:00",
"dateReserved": "2022-10-27T00:00:00",
"dateUpdated": "2024-10-25T15:57:16.899Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20184 (GCVE-0-2023-20184)
Vulnerability from cvelistv5 – Published: 2023-05-18 00:00 – Updated: 2024-10-25 15:57
VLAI?
Summary
Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more information about these vulnerabilities, see the Details section of this advisory.
Severity ?
5.4 (Medium)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Digital Network Architecture Center (DNA Center) |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:05:36.718Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20230517 Cisco DNA Center Software API Vulnerabilities",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-multiple-kTQkGU3"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20184",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-25T14:34:08.758472Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T15:57:01.471Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Digital Network Architecture Center (DNA Center) ",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2023-05-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more information about these vulnerabilities, see the Details section of this advisory."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. "
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-18T00:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20230517 Cisco DNA Center Software API Vulnerabilities",
"tags": [
"vendor-advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-multiple-kTQkGU3"
}
],
"source": {
"advisory": "cisco-sa-dnac-multiple-kTQkGU3",
"defect": [
[
"CSCwd58359",
"CSCwd58450",
"CSCwd59863"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco DNA Center Software API Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20184",
"datePublished": "2023-05-18T00:00:00",
"dateReserved": "2022-10-27T00:00:00",
"dateUpdated": "2024-10-25T15:57:01.471Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20346 (GCVE-0-2025-20346)
Vulnerability from nvd – Published: 2025-11-13 16:27 – Updated: 2025-12-01 15:36
VLAI?
Summary
A vulnerability in Cisco Catalyst Center could allow an authenticated, remote attacker to execute operations that should require Administrator privileges. The attacker would need valid read-only user credentials.
This vulnerability is due to improper role-based access control (RBAC). An attacker could exploit this vulnerability by logging in to an affected system and modifying certain policy configurations. A successful exploit could allow the attacker to modify policy configurations that are reserved for the Administrator role. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Observer.
Severity ?
4.3 (Medium)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Digital Network Architecture Center (DNA Center) |
Affected:
2.1.1.0
Affected: 2.1.1.3 Affected: 2.1.2.0 Affected: 2.1.2.3 Affected: 2.1.2.5 Affected: 2.2.1.0 Affected: 2.1.2.6 Affected: 2.2.2.0 Affected: 2.2.2.3 Affected: 2.1.2.7 Affected: 2.2.1.3 Affected: 2.2.3.0 Affected: 2.2.2.4 Affected: 2.2.2.5 Affected: 2.2.3.3 Affected: 2.2.2.7 Affected: 2.2.2.6 Affected: 2.2.2.8 Affected: 2.2.3.4 Affected: 2.3.2.1 Affected: 2.3.2.1-AIRGAP Affected: 2.3.2.1-AIRGAP-CA Affected: 2.2.3.5 Affected: 2.3.3.3 Affected: 2.3.3.1-AIRGAP Affected: 2.3.3.1 Affected: 2.3.2.3 Affected: 2.3.3.3-AIRGAP Affected: 2.2.2.9 Affected: 2.3.3.0-AIRGAP Affected: 2.3.3.4 Affected: 2.3.3.4-AIRGAP Affected: 2.3.3.4-AIRGAP-MDNAC Affected: 2.3.3.5 Affected: 2.3.3.5-AIRGAP Affected: 2.3.4.0-AIRGAP Affected: 2.3.4.3 Affected: 2.3.4.3-AIRGAP Affected: 2.3.3.6 Affected: 2.3.3.6-AIRGAP Affected: 2.3.3.6-AIRGAP-MDNAC Affected: 2.3.5.0-AIRGAP-MDNAC Affected: VA Launchpad 1.0.3 Affected: VA Launchpad 1.0.4 Affected: 2.3.3.7 Affected: 2.3.3.7-AIRGAP Affected: 2.3.3.7-AIRGAP-MDNAC Affected: 2.3.6.0 Affected: 2.3.3.6-70045-HF1 Affected: VA Launchpad 1.2.1 Affected: 2.3.3.7-72328-AIRGAP Affected: 2.3.3.7-72323 Affected: 2.3.3.7-72328-MDNAC Affected: 2.3.5.3 Affected: 2.3.5.3-AIRGAP-MDNAC Affected: 2.3.5.3-AIRGAP Affected: 2.3.6.0-AIRGAP Affected: VA Launchpad 1.3.0 Affected: VA Launchpad 1.5.0 Affected: 2.3.7.0 Affected: 2.3.7.0-AIRGAP Affected: 2.3.7.0-AIRGAP-MDNAC Affected: 2.3.7.0-VA Affected: 2.3.5.4-AIRGAP Affected: 2.3.5.4-AIRGAP-MDNAC Affected: VA Launchpad 1.6.0 Affected: 2.3.7.3 Affected: 2.3.7.3-AIRGAP Affected: 2.3.7.3-AIRGAP-MDNAC Affected: VA Launchpad 1.7.0 Affected: 2.3.5.5-AIRGAP Affected: 2.3.5.5 Affected: 2.3.5.5-AIRGAP-MDNAC Affected: 2.3.7.4 Affected: 2.3.7.4-AIRGAP Affected: 2.3.7.5-AIRGAP Affected: VA Launchpad 1.9.0 Affected: 2.3.5.6-AIRGAP Affected: 2.3.5.6-AIRGAP-MDNAC Affected: 1.0.0.0 Affected: Cisco CCGM 1.0.0.0 Affected: 2.3.7.6-AIRGAP Affected: 2.3.7.6 Affected: 2.3.7.6-VA Affected: 2.3.5.5-70026-HF70 Affected: 2.3.5.5-70026-HF51 Affected: 2.3.5.6-70143-HF20 Affected: 2.3.7.6-AIRGAP-MDNAC Affected: 2.3.5.5-70026-HF53 Affected: 2.3.5.5-70026-HF71 Affected: 2.3.7.7 Affected: 2.3.7.7-VA Affected: 2.3.7.7-AIRGAP Affected: 2.3.7.7-AIRGAP-MDNAC Affected: 2.3.7.9-VA Affected: 2.3.7.9 Affected: 2.3.7.9-AIRGAP Affected: 2.3.7.9-AIRGAP-MDNAC Affected: Cisco CCGM 1.1.1 Affected: 2.3.7.9-70301-GSMU10 Affected: 2.3.7.9-70301-SMU1 Affected: 2.3.7.9-75403-SMU10 Affected: 2.3.7.9-75403-GSMU10 Affected: Cisco CCGM 1.2.1 Affected: 2.3.5.3-EULA Affected: 2.3.7.9.75403.10-VA Affected: 0.0.0.0 Affected: 1.16.54 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20346",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-14T04:55:38.854695Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-01T15:36:40.791Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Digital Network Architecture Center (DNA Center)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "2.1.1.0"
},
{
"status": "affected",
"version": "2.1.1.3"
},
{
"status": "affected",
"version": "2.1.2.0"
},
{
"status": "affected",
"version": "2.1.2.3"
},
{
"status": "affected",
"version": "2.1.2.5"
},
{
"status": "affected",
"version": "2.2.1.0"
},
{
"status": "affected",
"version": "2.1.2.6"
},
{
"status": "affected",
"version": "2.2.2.0"
},
{
"status": "affected",
"version": "2.2.2.3"
},
{
"status": "affected",
"version": "2.1.2.7"
},
{
"status": "affected",
"version": "2.2.1.3"
},
{
"status": "affected",
"version": "2.2.3.0"
},
{
"status": "affected",
"version": "2.2.2.4"
},
{
"status": "affected",
"version": "2.2.2.5"
},
{
"status": "affected",
"version": "2.2.3.3"
},
{
"status": "affected",
"version": "2.2.2.7"
},
{
"status": "affected",
"version": "2.2.2.6"
},
{
"status": "affected",
"version": "2.2.2.8"
},
{
"status": "affected",
"version": "2.2.3.4"
},
{
"status": "affected",
"version": "2.3.2.1"
},
{
"status": "affected",
"version": "2.3.2.1-AIRGAP"
},
{
"status": "affected",
"version": "2.3.2.1-AIRGAP-CA"
},
{
"status": "affected",
"version": "2.2.3.5"
},
{
"status": "affected",
"version": "2.3.3.3"
},
{
"status": "affected",
"version": "2.3.3.1-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.1"
},
{
"status": "affected",
"version": "2.3.2.3"
},
{
"status": "affected",
"version": "2.3.3.3-AIRGAP"
},
{
"status": "affected",
"version": "2.2.2.9"
},
{
"status": "affected",
"version": "2.3.3.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.4"
},
{
"status": "affected",
"version": "2.3.3.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.3.5"
},
{
"status": "affected",
"version": "2.3.3.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.4.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.4.3"
},
{
"status": "affected",
"version": "2.3.4.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.6"
},
{
"status": "affected",
"version": "2.3.3.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.0-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "VA Launchpad 1.0.3"
},
{
"status": "affected",
"version": "VA Launchpad 1.0.4"
},
{
"status": "affected",
"version": "2.3.3.7"
},
{
"status": "affected",
"version": "2.3.3.7-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.7-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.6.0"
},
{
"status": "affected",
"version": "2.3.3.6-70045-HF1"
},
{
"status": "affected",
"version": "VA Launchpad 1.2.1"
},
{
"status": "affected",
"version": "2.3.3.7-72328-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.7-72323"
},
{
"status": "affected",
"version": "2.3.3.7-72328-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.3"
},
{
"status": "affected",
"version": "2.3.5.3-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.6.0-AIRGAP"
},
{
"status": "affected",
"version": "VA Launchpad 1.3.0"
},
{
"status": "affected",
"version": "VA Launchpad 1.5.0"
},
{
"status": "affected",
"version": "2.3.7.0"
},
{
"status": "affected",
"version": "2.3.7.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.0-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.0-VA"
},
{
"status": "affected",
"version": "2.3.5.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "VA Launchpad 1.6.0"
},
{
"status": "affected",
"version": "2.3.7.3"
},
{
"status": "affected",
"version": "2.3.7.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.3-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "VA Launchpad 1.7.0"
},
{
"status": "affected",
"version": "2.3.5.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.5"
},
{
"status": "affected",
"version": "2.3.5.5-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.4"
},
{
"status": "affected",
"version": "2.3.7.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.5-AIRGAP"
},
{
"status": "affected",
"version": "VA Launchpad 1.9.0"
},
{
"status": "affected",
"version": "2.3.5.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "1.0.0.0"
},
{
"status": "affected",
"version": "Cisco CCGM 1.0.0.0"
},
{
"status": "affected",
"version": "2.3.7.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.6"
},
{
"status": "affected",
"version": "2.3.7.6-VA"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF70"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF51"
},
{
"status": "affected",
"version": "2.3.5.6-70143-HF20"
},
{
"status": "affected",
"version": "2.3.7.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF53"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF71"
},
{
"status": "affected",
"version": "2.3.7.7"
},
{
"status": "affected",
"version": "2.3.7.7-VA"
},
{
"status": "affected",
"version": "2.3.7.7-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.7-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.9-VA"
},
{
"status": "affected",
"version": "2.3.7.9"
},
{
"status": "affected",
"version": "2.3.7.9-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.9-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "Cisco CCGM 1.1.1"
},
{
"status": "affected",
"version": "2.3.7.9-70301-GSMU10"
},
{
"status": "affected",
"version": "2.3.7.9-70301-SMU1"
},
{
"status": "affected",
"version": "2.3.7.9-75403-SMU10"
},
{
"status": "affected",
"version": "2.3.7.9-75403-GSMU10"
},
{
"status": "affected",
"version": "Cisco CCGM 1.2.1"
},
{
"status": "affected",
"version": "2.3.5.3-EULA"
},
{
"status": "affected",
"version": "2.3.7.9.75403.10-VA"
},
{
"status": "affected",
"version": "0.0.0.0"
},
{
"status": "affected",
"version": "1.16.54"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Catalyst Center could allow an authenticated, remote attacker to execute operations that should require Administrator privileges. The attacker would need valid read-only user credentials.\r\n\r\nThis vulnerability is due to improper role-based access control (RBAC). An attacker could exploit this vulnerability by logging in to an affected system and modifying certain policy configurations. A successful exploit could allow the attacker to modify policy configurations that are reserved for the Administrator role. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Observer."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "Improper Privilege Management",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-13T16:27:30.871Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-privesc-catc-rYjReeLU",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-privesc-catc-rYjReeLU"
}
],
"source": {
"advisory": "cisco-sa-privesc-catc-rYjReeLU",
"defects": [
"CSCwo05088"
],
"discovery": "INTERNAL"
},
"title": "Cisco Catalyst Center Privilege Escalation Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20346",
"datePublished": "2025-11-13T16:27:30.871Z",
"dateReserved": "2024-10-10T19:15:13.256Z",
"dateUpdated": "2025-12-01T15:36:40.791Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20353 (GCVE-0-2025-20353)
Vulnerability from nvd – Published: 2025-11-13 16:18 – Updated: 2025-11-13 17:11
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Catalyst Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device.
This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of the web-based management interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
Severity ?
6.1 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Digital Network Architecture Center (DNA Center) |
Affected:
2.1.1.0
Affected: 2.1.1.3 Affected: 2.1.2.0 Affected: 2.1.2.3 Affected: 2.1.2.4 Affected: 2.1.2.5 Affected: 2.2.1.0 Affected: 2.1.2.6 Affected: 2.2.2.0 Affected: 2.2.2.1 Affected: 2.2.2.3 Affected: 2.1.2.7 Affected: 2.2.1.3 Affected: 2.2.3.0 Affected: 2.2.2.4 Affected: 2.2.2.5 Affected: 2.2.3.3 Affected: 2.2.2.7 Affected: 2.2.2.6 Affected: 2.2.2.8 Affected: 2.2.3.4 Affected: 2.1.2.8 Affected: 2.3.2.1 Affected: 2.3.2.1-AIRGAP Affected: 2.3.2.1-AIRGAP-CA Affected: 2.2.3.5 Affected: 2.3.3.0 Affected: 2.3.3.3 Affected: 2.3.3.1-AIRGAP Affected: 2.3.3.1 Affected: 2.3.2.3 Affected: 2.3.3.3-AIRGAP Affected: 2.2.3.6 Affected: 2.2.2.9 Affected: 2.3.3.0-AIRGAP Affected: 2.3.3.3-AIRGAP-CA Affected: 2.3.3.4 Affected: 2.3.3.4-AIRGAP Affected: 2.3.3.4-AIRGAP-MDNAC Affected: 2.3.3.4-HF1 Affected: 2.3.4.0 Affected: 2.3.3.5 Affected: 2.3.3.5-AIRGAP Affected: 2.3.4.0-AIRGAP Affected: 2.3.4.3 Affected: 2.3.4.3-AIRGAP Affected: 2.3.3.6 Affected: 2.3.5.0 Affected: 2.3.3.6-AIRGAP Affected: 2.3.5.0-AIRGAP Affected: 2.3.3.6-AIRGAP-MDNAC Affected: 2.3.5.0-AIRGAP-MDNAC Affected: 2.3.3.7 Affected: 2.3.3.7-AIRGAP Affected: 2.3.3.7-AIRGAP-MDNAC Affected: 2.3.6.0 Affected: 2.3.3.6-70045-HF1 Affected: 2.3.3.7-72328-AIRGAP Affected: 2.3.3.7-72323 Affected: 2.3.3.7-72328-MDNAC Affected: 2.3.5.3 Affected: 2.3.5.3-AIRGAP-MDNAC Affected: 2.3.5.3-AIRGAP Affected: 2.3.6.0-AIRGAP Affected: 2.3.7.0 Affected: 2.3.7.0-AIRGAP Affected: 2.3.7.0-AIRGAP-MDNAC Affected: 2.3.5.4 Affected: 2.3.5.4-AIRGAP Affected: 2.3.5.4-AIRGAP-MDNAC Affected: 2.3.7.3 Affected: 2.3.7.3-AIRGAP Affected: 2.3.7.3-AIRGAP-MDNAC Affected: 2.3.5.5-AIRGAP Affected: 2.3.5.5 Affected: 2.3.5.5-AIRGAP-MDNAC Affected: 2.3.7.4 Affected: 2.3.7.4-AIRGAP Affected: 2.3.7.4-AIRGAP-MDNAC Affected: 2.3.7.5-AIRGAP Affected: 2.3.5.6-AIRGAP Affected: 2.3.5.6 Affected: 2.3.5.6-AIRGAP-MDNAC Affected: 2.3.7.6-AIRGAP Affected: 2.3.7.6 Affected: 2.3.5.5-70026-HF70 Affected: 2.3.5.5-70026-HF51 Affected: 2.3.5.6-70143-HF20 Affected: 2.3.7.6-AIRGAP-MDNAC Affected: 2.3.5.5-70026-HF52 Affected: 2.3.5.5-70026-HF53 Affected: 2.3.5.5-70026-HF71 Affected: 2.3.7.7 Affected: 2.3.7.7-AIRGAP Affected: 2.3.7.7-AIRGAP-MDNAC Affected: 2.3.5.5-70026-HF72 Affected: 2.3.7.9 Affected: 2.3.7.9-AIRGAP Affected: 2.3.7.9-AIRGAP-MDNAC Affected: 2.3.7.9-70301-GSMU10 Affected: 2.3.7.9-70301-SMU1 Affected: 2.3.7.9-75403-SMU10 Affected: 2.3.7.9-75403-GSMU10 Affected: 2.3.5.3-EULA |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20353",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-13T17:11:03.069694Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-13T17:11:16.452Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Digital Network Architecture Center (DNA Center)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "2.1.1.0"
},
{
"status": "affected",
"version": "2.1.1.3"
},
{
"status": "affected",
"version": "2.1.2.0"
},
{
"status": "affected",
"version": "2.1.2.3"
},
{
"status": "affected",
"version": "2.1.2.4"
},
{
"status": "affected",
"version": "2.1.2.5"
},
{
"status": "affected",
"version": "2.2.1.0"
},
{
"status": "affected",
"version": "2.1.2.6"
},
{
"status": "affected",
"version": "2.2.2.0"
},
{
"status": "affected",
"version": "2.2.2.1"
},
{
"status": "affected",
"version": "2.2.2.3"
},
{
"status": "affected",
"version": "2.1.2.7"
},
{
"status": "affected",
"version": "2.2.1.3"
},
{
"status": "affected",
"version": "2.2.3.0"
},
{
"status": "affected",
"version": "2.2.2.4"
},
{
"status": "affected",
"version": "2.2.2.5"
},
{
"status": "affected",
"version": "2.2.3.3"
},
{
"status": "affected",
"version": "2.2.2.7"
},
{
"status": "affected",
"version": "2.2.2.6"
},
{
"status": "affected",
"version": "2.2.2.8"
},
{
"status": "affected",
"version": "2.2.3.4"
},
{
"status": "affected",
"version": "2.1.2.8"
},
{
"status": "affected",
"version": "2.3.2.1"
},
{
"status": "affected",
"version": "2.3.2.1-AIRGAP"
},
{
"status": "affected",
"version": "2.3.2.1-AIRGAP-CA"
},
{
"status": "affected",
"version": "2.2.3.5"
},
{
"status": "affected",
"version": "2.3.3.0"
},
{
"status": "affected",
"version": "2.3.3.3"
},
{
"status": "affected",
"version": "2.3.3.1-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.1"
},
{
"status": "affected",
"version": "2.3.2.3"
},
{
"status": "affected",
"version": "2.3.3.3-AIRGAP"
},
{
"status": "affected",
"version": "2.2.3.6"
},
{
"status": "affected",
"version": "2.2.2.9"
},
{
"status": "affected",
"version": "2.3.3.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.3-AIRGAP-CA"
},
{
"status": "affected",
"version": "2.3.3.4"
},
{
"status": "affected",
"version": "2.3.3.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.3.4-HF1"
},
{
"status": "affected",
"version": "2.3.4.0"
},
{
"status": "affected",
"version": "2.3.3.5"
},
{
"status": "affected",
"version": "2.3.3.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.4.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.4.3"
},
{
"status": "affected",
"version": "2.3.4.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.6"
},
{
"status": "affected",
"version": "2.3.5.0"
},
{
"status": "affected",
"version": "2.3.3.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.0-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.3.7"
},
{
"status": "affected",
"version": "2.3.3.7-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.7-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.6.0"
},
{
"status": "affected",
"version": "2.3.3.6-70045-HF1"
},
{
"status": "affected",
"version": "2.3.3.7-72328-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.7-72323"
},
{
"status": "affected",
"version": "2.3.3.7-72328-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.3"
},
{
"status": "affected",
"version": "2.3.5.3-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.6.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.0"
},
{
"status": "affected",
"version": "2.3.7.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.0-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.4"
},
{
"status": "affected",
"version": "2.3.5.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.3"
},
{
"status": "affected",
"version": "2.3.7.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.3-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.5"
},
{
"status": "affected",
"version": "2.3.5.5-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.4"
},
{
"status": "affected",
"version": "2.3.7.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.6"
},
{
"status": "affected",
"version": "2.3.5.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.6"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF70"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF51"
},
{
"status": "affected",
"version": "2.3.5.6-70143-HF20"
},
{
"status": "affected",
"version": "2.3.7.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF52"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF53"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF71"
},
{
"status": "affected",
"version": "2.3.7.7"
},
{
"status": "affected",
"version": "2.3.7.7-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.7-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF72"
},
{
"status": "affected",
"version": "2.3.7.9"
},
{
"status": "affected",
"version": "2.3.7.9-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.9-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.9-70301-GSMU10"
},
{
"status": "affected",
"version": "2.3.7.9-70301-SMU1"
},
{
"status": "affected",
"version": "2.3.7.9-75403-SMU10"
},
{
"status": "affected",
"version": "2.3.7.9-75403-GSMU10"
},
{
"status": "affected",
"version": "2.3.5.3-EULA"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Catalyst Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device.\r\n\r\nThis vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of the web-based management interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-13T16:27:42.137Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-dnac-xss-weXtVZ59",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-xss-weXtVZ59"
}
],
"source": {
"advisory": "cisco-sa-dnac-xss-weXtVZ59",
"defects": [
"CSCwn51440"
],
"discovery": "INTERNAL"
},
"title": "Cisco Catalyst Center Cross-Site Scripting Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20353",
"datePublished": "2025-11-13T16:18:12.708Z",
"dateReserved": "2024-10-10T19:15:13.257Z",
"dateUpdated": "2025-11-13T17:11:16.452Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20349 (GCVE-0-2025-20349)
Vulnerability from nvd – Published: 2025-11-13 16:18 – Updated: 2025-11-14 04:55
VLAI?
Summary
A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote attacker to execute arbitrary commands in a restricted container as the root user.
This vulnerability is due to insufficient validation of user-supplied input in REST API request parameters. An attacker could exploit this vulnerability by sending a crafted API request to an affected device. A successful exploit could allow the attacker to inject arbitrary commands that would then be executed in a restricted container with root privileges. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Observer.
Severity ?
6.3 (Medium)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Digital Network Architecture Center (DNA Center) |
Affected:
1.4.0.0
Affected: 2.1.1.0 Affected: 2.1.1.3 Affected: 2.1.2.0 Affected: 2.1.2.3 Affected: 2.1.2.4 Affected: 2.1.2.5 Affected: 2.2.1.0 Affected: 2.1.2.6 Affected: 2.2.2.0 Affected: 2.2.2.1 Affected: 2.2.2.3 Affected: 2.1.2.7 Affected: 2.2.1.3 Affected: 2.2.3.0 Affected: 2.2.2.4 Affected: 2.2.2.5 Affected: 2.2.3.3 Affected: 2.2.2.7 Affected: 2.2.2.6 Affected: 2.2.2.8 Affected: 2.2.3.4 Affected: 2.1.2.8 Affected: 2.3.2.1 Affected: 2.3.2.1-AIRGAP Affected: 2.3.2.1-AIRGAP-CA Affected: 2.2.3.5 Affected: 2.3.3.0 Affected: 2.3.3.3 Affected: 2.3.3.1-AIRGAP Affected: 2.3.3.1 Affected: 2.3.2.3 Affected: 2.3.3.3-AIRGAP Affected: 2.2.3.6 Affected: 2.2.2.9 Affected: 2.3.3.0-AIRGAP Affected: 2.3.3.3-AIRGAP-CA Affected: 2.3.3.4 Affected: 2.3.3.4-AIRGAP Affected: 2.3.3.4-AIRGAP-MDNAC Affected: 2.3.3.4-HF1 Affected: 2.3.4.0 Affected: 2.3.3.5 Affected: 2.3.3.5-AIRGAP Affected: 2.3.4.0-AIRGAP Affected: 2.3.4.3 Affected: 2.3.4.3-AIRGAP Affected: 2.3.3.6 Affected: 2.3.5.0 Affected: 2.3.3.6-AIRGAP Affected: 2.3.5.0-AIRGAP Affected: 2.3.3.6-AIRGAP-MDNAC Affected: 2.3.5.0-AIRGAP-MDNAC Affected: 2.3.3.7 Affected: 2.3.3.7-AIRGAP Affected: 2.3.3.7-AIRGAP-MDNAC Affected: 2.3.6.0 Affected: 2.3.3.6-70045-HF1 Affected: 2.3.3.7-72328-AIRGAP Affected: 2.3.3.7-72323 Affected: 2.3.3.7-72328-MDNAC Affected: 2.3.5.3 Affected: 2.3.5.3-AIRGAP-MDNAC Affected: 2.3.5.3-AIRGAP Affected: 2.3.6.0-AIRGAP Affected: 2.3.7.0 Affected: 2.3.7.0-AIRGAP Affected: 2.3.7.0-AIRGAP-MDNAC Affected: 2.3.7.0-VA Affected: 2.3.5.4 Affected: 2.3.5.4-AIRGAP Affected: 2.3.5.4-AIRGAP-MDNAC Affected: 2.3.7.3 Affected: 2.3.7.3-AIRGAP Affected: 2.3.7.3-AIRGAP-MDNAC Affected: 2.3.5.5-AIRGAP Affected: 2.3.5.5 Affected: 2.3.5.5-AIRGAP-MDNAC Affected: 2.3.7.4 Affected: 2.3.7.4-AIRGAP Affected: 2.3.7.4-AIRGAP-MDNAC Affected: 2.3.7.5-AIRGAP Affected: 2.3.7.5-VA Affected: 2.3.5.6-AIRGAP Affected: 2.3.5.6 Affected: 2.3.5.6-AIRGAP-MDNAC Affected: 1.0.0.0 Affected: 2.3.7.6-AIRGAP Affected: 2.3.7.6 Affected: 2.3.7.6-VA Affected: 2.3.5.5-70026-HF70 Affected: 2.3.5.5-70026-HF51 Affected: 2.3.5.6-70143-HF20 Affected: 2.3.7.6-AIRGAP-MDNAC Affected: 2.3.5.5-70026-HF52 Affected: 2.3.5.5-70026-HF53 Affected: 2.3.5.5-70026-HF71 Affected: 2.3.7.7 Affected: 2.3.7.7-VA Affected: 2.3.7.7-AIRGAP Affected: 2.3.7.7-AIRGAP-MDNAC Affected: 2.3.5.5-70026-HF72 Affected: 2.3.7.9-VA Affected: 2.3.7.9 Affected: 2.3.7.9-AIRGAP Affected: 2.3.7.9-AIRGAP-MDNAC Affected: 2.3.7.9-70301-SMU1 Affected: 2.3.5.3-EULA Affected: 0.0.0.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20349",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-13T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-14T04:55:36.331Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Digital Network Architecture Center (DNA Center)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "1.4.0.0"
},
{
"status": "affected",
"version": "2.1.1.0"
},
{
"status": "affected",
"version": "2.1.1.3"
},
{
"status": "affected",
"version": "2.1.2.0"
},
{
"status": "affected",
"version": "2.1.2.3"
},
{
"status": "affected",
"version": "2.1.2.4"
},
{
"status": "affected",
"version": "2.1.2.5"
},
{
"status": "affected",
"version": "2.2.1.0"
},
{
"status": "affected",
"version": "2.1.2.6"
},
{
"status": "affected",
"version": "2.2.2.0"
},
{
"status": "affected",
"version": "2.2.2.1"
},
{
"status": "affected",
"version": "2.2.2.3"
},
{
"status": "affected",
"version": "2.1.2.7"
},
{
"status": "affected",
"version": "2.2.1.3"
},
{
"status": "affected",
"version": "2.2.3.0"
},
{
"status": "affected",
"version": "2.2.2.4"
},
{
"status": "affected",
"version": "2.2.2.5"
},
{
"status": "affected",
"version": "2.2.3.3"
},
{
"status": "affected",
"version": "2.2.2.7"
},
{
"status": "affected",
"version": "2.2.2.6"
},
{
"status": "affected",
"version": "2.2.2.8"
},
{
"status": "affected",
"version": "2.2.3.4"
},
{
"status": "affected",
"version": "2.1.2.8"
},
{
"status": "affected",
"version": "2.3.2.1"
},
{
"status": "affected",
"version": "2.3.2.1-AIRGAP"
},
{
"status": "affected",
"version": "2.3.2.1-AIRGAP-CA"
},
{
"status": "affected",
"version": "2.2.3.5"
},
{
"status": "affected",
"version": "2.3.3.0"
},
{
"status": "affected",
"version": "2.3.3.3"
},
{
"status": "affected",
"version": "2.3.3.1-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.1"
},
{
"status": "affected",
"version": "2.3.2.3"
},
{
"status": "affected",
"version": "2.3.3.3-AIRGAP"
},
{
"status": "affected",
"version": "2.2.3.6"
},
{
"status": "affected",
"version": "2.2.2.9"
},
{
"status": "affected",
"version": "2.3.3.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.3-AIRGAP-CA"
},
{
"status": "affected",
"version": "2.3.3.4"
},
{
"status": "affected",
"version": "2.3.3.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.3.4-HF1"
},
{
"status": "affected",
"version": "2.3.4.0"
},
{
"status": "affected",
"version": "2.3.3.5"
},
{
"status": "affected",
"version": "2.3.3.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.4.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.4.3"
},
{
"status": "affected",
"version": "2.3.4.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.6"
},
{
"status": "affected",
"version": "2.3.5.0"
},
{
"status": "affected",
"version": "2.3.3.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.0-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.3.7"
},
{
"status": "affected",
"version": "2.3.3.7-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.7-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.6.0"
},
{
"status": "affected",
"version": "2.3.3.6-70045-HF1"
},
{
"status": "affected",
"version": "2.3.3.7-72328-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.7-72323"
},
{
"status": "affected",
"version": "2.3.3.7-72328-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.3"
},
{
"status": "affected",
"version": "2.3.5.3-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.6.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.0"
},
{
"status": "affected",
"version": "2.3.7.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.0-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.0-VA"
},
{
"status": "affected",
"version": "2.3.5.4"
},
{
"status": "affected",
"version": "2.3.5.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.3"
},
{
"status": "affected",
"version": "2.3.7.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.3-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.5"
},
{
"status": "affected",
"version": "2.3.5.5-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.4"
},
{
"status": "affected",
"version": "2.3.7.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.5-VA"
},
{
"status": "affected",
"version": "2.3.5.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.6"
},
{
"status": "affected",
"version": "2.3.5.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "1.0.0.0"
},
{
"status": "affected",
"version": "2.3.7.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.6"
},
{
"status": "affected",
"version": "2.3.7.6-VA"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF70"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF51"
},
{
"status": "affected",
"version": "2.3.5.6-70143-HF20"
},
{
"status": "affected",
"version": "2.3.7.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF52"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF53"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF71"
},
{
"status": "affected",
"version": "2.3.7.7"
},
{
"status": "affected",
"version": "2.3.7.7-VA"
},
{
"status": "affected",
"version": "2.3.7.7-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.7-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF72"
},
{
"status": "affected",
"version": "2.3.7.9-VA"
},
{
"status": "affected",
"version": "2.3.7.9"
},
{
"status": "affected",
"version": "2.3.7.9-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.9-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.9-70301-SMU1"
},
{
"status": "affected",
"version": "2.3.5.3-EULA"
},
{
"status": "affected",
"version": "0.0.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote attacker to execute arbitrary commands in a restricted container as the root user.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input in REST API request parameters. An attacker could exploit this vulnerability by sending a crafted API request to an affected device. A successful exploit could allow the attacker to inject arbitrary commands that would then be executed in a restricted container with root privileges. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Observer."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-13T16:27:31.359Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-dnac-ci-ZWLQVSwT",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-ci-ZWLQVSwT"
}
],
"source": {
"advisory": "cisco-sa-dnac-ci-ZWLQVSwT",
"defects": [
"CSCwo77762"
],
"discovery": "INTERNAL"
},
"title": "Cisco DNA Center API Command Injection Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20349",
"datePublished": "2025-11-13T16:18:03.689Z",
"dateReserved": "2024-10-10T19:15:13.257Z",
"dateUpdated": "2025-11-14T04:55:36.331Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20223 (GCVE-0-2025-20223)
Vulnerability from nvd – Published: 2025-05-07 17:37 – Updated: 2025-05-07 19:42
VLAI?
Summary
A vulnerability in Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated, remote attacker to read and modify data in a repository that belongs to an internal service of an affected device.
This vulnerability is due to insufficient enforcement of access control on HTTP requests. An attacker could exploit this vulnerability by submitting a crafted HTTP request to an affected device. A successful exploit could allow the attacker to read and modify data that is handled by an internal service on the affected device.
Severity ?
4.7 (Medium)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Digital Network Architecture Center (DNA Center) |
Affected:
N/A
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20223",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-07T18:55:55.249266Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-07T19:42:38.775Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Digital Network Architecture Center (DNA Center)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated, remote attacker to read and modify data in a repository that belongs to an internal service of an affected device.\r\n\r This vulnerability is due to insufficient enforcement of access control on HTTP requests. An attacker could exploit this vulnerability by submitting a crafted HTTP request to an affected device. A successful exploit could allow the attacker to read and modify data that is handled by an internal service on the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Control",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-07T17:37:26.454Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-catc-insec-acc-mtt8EhEb",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catc-insec-acc-mtt8EhEb"
}
],
"source": {
"advisory": "cisco-sa-catc-insec-acc-mtt8EhEb",
"defects": [
"CSCwk27721"
],
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20223",
"datePublished": "2025-05-07T17:37:26.454Z",
"dateReserved": "2024-10-10T19:15:13.235Z",
"dateUpdated": "2025-05-07T19:42:38.775Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20210 (GCVE-0-2025-20210)
Vulnerability from nvd – Published: 2025-05-07 17:16 – Updated: 2025-05-07 19:48
VLAI?
Summary
A vulnerability in the management API of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker to read and modify the outgoing proxy configuration settings.
This vulnerability is due to the lack of authentication in an API endpoint. An attacker could exploit this vulnerability by sending a request to the affected API of a Catalyst Center device. A successful exploit could allow the attacker to view or modify the outgoing proxy configuration, which could disrupt internet traffic from Cisco Catalyst Center or may allow the attacker to intercept outbound internet traffic.
Severity ?
7.3 (High)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Digital Network Architecture Center (DNA Center) |
Affected:
2.1.1.0
Affected: 2.1.1.3 Affected: 2.1.2.0 Affected: 2.1.2.3 Affected: 2.1.2.4 Affected: 2.1.2.5 Affected: 2.2.1.0 Affected: 2.1.2.6 Affected: 2.2.2.0 Affected: 2.2.2.1 Affected: 2.2.2.3 Affected: 2.1.2.7 Affected: 2.2.1.3 Affected: 2.2.3.0 Affected: 2.2.2.4 Affected: 2.2.2.5 Affected: 2.2.3.3 Affected: 2.2.2.7 Affected: 2.2.2.6 Affected: 2.2.2.8 Affected: 2.2.3.4 Affected: 2.1.2.8 Affected: 2.3.2.1 Affected: 2.3.2.1-AIRGAP Affected: 2.3.2.1-AIRGAP-CA Affected: 2.2.3.5 Affected: 2.3.3.0 Affected: 2.3.3.3 Affected: 2.3.3.1-AIRGAP Affected: 2.3.3.1 Affected: 2.3.2.3 Affected: 2.3.3.3-AIRGAP Affected: 2.2.3.6 Affected: 2.2.2.9 Affected: 2.3.3.0-AIRGAP Affected: 2.3.3.3-AIRGAP-CA Affected: 2.3.3.4 Affected: 2.3.3.4-AIRGAP Affected: 2.3.3.4-AIRGAP-MDNAC Affected: 2.3.3.4-HF1 Affected: 2.3.4.0 Affected: 2.3.3.5 Affected: 2.3.3.5-AIRGAP Affected: 2.3.4.0-AIRGAP Affected: 2.3.4.3 Affected: 2.3.4.3-AIRGAP Affected: 2.3.3.6 Affected: 2.3.5.0 Affected: 2.3.3.6-AIRGAP Affected: 2.3.5.0-AIRGAP Affected: 2.3.3.6-AIRGAP-MDNAC Affected: 2.3.5.0-AIRGAP-MDNAC Affected: 2.3.3.7 Affected: 2.3.3.7-AIRGAP Affected: 2.3.3.7-AIRGAP-MDNAC Affected: 2.3.6.0 Affected: 2.3.3.6-70045-HF1 Affected: 2.3.3.7-72328-AIRGAP Affected: 2.3.3.7-72323 Affected: 2.3.3.7-72328-MDNAC Affected: 2.3.5.3 Affected: 2.3.5.3-AIRGAP-MDNAC Affected: 2.3.5.3-AIRGAP Affected: 2.3.6.0-AIRGAP Affected: 2.3.7.0 Affected: 2.3.7.0-AIRGAP Affected: 2.3.7.0-AIRGAP-MDNAC Affected: 2.3.7.0-VA Affected: 2.3.5.4 Affected: 2.3.5.4-AIRGAP Affected: 2.3.5.4-AIRGAP-MDNAC Affected: 2.3.7.3 Affected: 2.3.7.3-AIRGAP Affected: 2.3.7.3-AIRGAP-MDNAC Affected: 2.3.5.5-AIRGAP Affected: 2.3.5.5 Affected: 2.3.5.5-AIRGAP-MDNAC Affected: 2.3.7.4 Affected: 2.3.7.4-AIRGAP Affected: 2.3.7.4-AIRGAP-MDNAC Affected: 2.3.7.5-AIRGAP Affected: 2.3.7.5-VA Affected: 2.3.5.6-AIRGAP Affected: 2.3.5.6 Affected: 2.3.5.6-AIRGAP-MDNAC Affected: 2.3.7.6-AIRGAP Affected: 2.3.7.6 Affected: 2.3.7.6-VA Affected: 2.3.5.5-70026-HF70 Affected: 2.3.5.5-70026-HF51 Affected: 2.3.5.6-70143-HF20 Affected: 2.3.7.6-AIRGAP-MDNAC Affected: 2.3.5.5-70026-HF52 Affected: 2.3.5.5-70026-HF53 Affected: 2.3.5.5-70026-HF71 Affected: 2.3.7.7 Affected: 2.3.7.7-VA Affected: 2.3.7.7-AIRGAP Affected: 2.3.7.7-AIRGAP-MDNAC Affected: 2.3.5.5-70026-HF72 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20210",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-07T18:57:07.111143Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-07T19:48:12.129Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Digital Network Architecture Center (DNA Center)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "2.1.1.0"
},
{
"status": "affected",
"version": "2.1.1.3"
},
{
"status": "affected",
"version": "2.1.2.0"
},
{
"status": "affected",
"version": "2.1.2.3"
},
{
"status": "affected",
"version": "2.1.2.4"
},
{
"status": "affected",
"version": "2.1.2.5"
},
{
"status": "affected",
"version": "2.2.1.0"
},
{
"status": "affected",
"version": "2.1.2.6"
},
{
"status": "affected",
"version": "2.2.2.0"
},
{
"status": "affected",
"version": "2.2.2.1"
},
{
"status": "affected",
"version": "2.2.2.3"
},
{
"status": "affected",
"version": "2.1.2.7"
},
{
"status": "affected",
"version": "2.2.1.3"
},
{
"status": "affected",
"version": "2.2.3.0"
},
{
"status": "affected",
"version": "2.2.2.4"
},
{
"status": "affected",
"version": "2.2.2.5"
},
{
"status": "affected",
"version": "2.2.3.3"
},
{
"status": "affected",
"version": "2.2.2.7"
},
{
"status": "affected",
"version": "2.2.2.6"
},
{
"status": "affected",
"version": "2.2.2.8"
},
{
"status": "affected",
"version": "2.2.3.4"
},
{
"status": "affected",
"version": "2.1.2.8"
},
{
"status": "affected",
"version": "2.3.2.1"
},
{
"status": "affected",
"version": "2.3.2.1-AIRGAP"
},
{
"status": "affected",
"version": "2.3.2.1-AIRGAP-CA"
},
{
"status": "affected",
"version": "2.2.3.5"
},
{
"status": "affected",
"version": "2.3.3.0"
},
{
"status": "affected",
"version": "2.3.3.3"
},
{
"status": "affected",
"version": "2.3.3.1-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.1"
},
{
"status": "affected",
"version": "2.3.2.3"
},
{
"status": "affected",
"version": "2.3.3.3-AIRGAP"
},
{
"status": "affected",
"version": "2.2.3.6"
},
{
"status": "affected",
"version": "2.2.2.9"
},
{
"status": "affected",
"version": "2.3.3.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.3-AIRGAP-CA"
},
{
"status": "affected",
"version": "2.3.3.4"
},
{
"status": "affected",
"version": "2.3.3.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.3.4-HF1"
},
{
"status": "affected",
"version": "2.3.4.0"
},
{
"status": "affected",
"version": "2.3.3.5"
},
{
"status": "affected",
"version": "2.3.3.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.4.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.4.3"
},
{
"status": "affected",
"version": "2.3.4.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.6"
},
{
"status": "affected",
"version": "2.3.5.0"
},
{
"status": "affected",
"version": "2.3.3.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.0-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.3.7"
},
{
"status": "affected",
"version": "2.3.3.7-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.7-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.6.0"
},
{
"status": "affected",
"version": "2.3.3.6-70045-HF1"
},
{
"status": "affected",
"version": "2.3.3.7-72328-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.7-72323"
},
{
"status": "affected",
"version": "2.3.3.7-72328-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.3"
},
{
"status": "affected",
"version": "2.3.5.3-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.6.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.0"
},
{
"status": "affected",
"version": "2.3.7.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.0-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.0-VA"
},
{
"status": "affected",
"version": "2.3.5.4"
},
{
"status": "affected",
"version": "2.3.5.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.3"
},
{
"status": "affected",
"version": "2.3.7.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.3-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.5"
},
{
"status": "affected",
"version": "2.3.5.5-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.4"
},
{
"status": "affected",
"version": "2.3.7.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.5-VA"
},
{
"status": "affected",
"version": "2.3.5.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.6"
},
{
"status": "affected",
"version": "2.3.5.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.6"
},
{
"status": "affected",
"version": "2.3.7.6-VA"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF70"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF51"
},
{
"status": "affected",
"version": "2.3.5.6-70143-HF20"
},
{
"status": "affected",
"version": "2.3.7.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF52"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF53"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF71"
},
{
"status": "affected",
"version": "2.3.7.7"
},
{
"status": "affected",
"version": "2.3.7.7-VA"
},
{
"status": "affected",
"version": "2.3.7.7-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.7-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF72"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the management API of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker to read and modify the outgoing proxy configuration settings.\r\n\r\nThis vulnerability is due to the lack of authentication in an API endpoint. An attacker could exploit this vulnerability by sending a request to the affected API of a Catalyst Center device. A successful exploit could allow the attacker to view or modify the outgoing proxy configuration, which could disrupt internet traffic from Cisco Catalyst Center or may allow the attacker to intercept outbound internet traffic."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "Missing Authentication for Critical Function",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-07T17:16:52.708Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-dnac-api-nBPZcJCM",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-api-nBPZcJCM"
}
],
"source": {
"advisory": "cisco-sa-dnac-api-nBPZcJCM",
"defects": [
"CSCwn10252"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Catalyst Center Unprotected API Endpoint"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20210",
"datePublished": "2025-05-07T17:16:52.708Z",
"dateReserved": "2024-10-10T19:15:13.231Z",
"dateUpdated": "2025-05-07T19:48:12.129Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20350 (GCVE-0-2024-20350)
Vulnerability from nvd – Published: 2024-09-25 16:19 – Updated: 2024-09-27 03:55
VLAI?
Summary
A vulnerability in the SSH server of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker to impersonate a Cisco Catalyst Center appliance.
This vulnerability is due to the presence of a static SSH host key. An attacker could exploit this vulnerability by performing a machine-in-the-middle attack on SSH connections, which could allow the attacker to intercept traffic between SSH clients and a Cisco Catalyst Center appliance. A successful exploit could allow the attacker to impersonate the affected appliance, inject commands into the terminal session, and steal valid user credentials.
Severity ?
7.5 (High)
CWE
- CWE-321 - Use of Hard-coded Cryptographic Key
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Digital Network Architecture Center (DNA Center) |
Affected:
1.4.0.0
Affected: 2.1.1.0 Affected: 2.1.1.3 Affected: 2.1.2.0 Affected: 2.1.2.3 Affected: 2.1.2.4 Affected: 2.1.2.5 Affected: 2.2.1.0 Affected: 2.1.2.6 Affected: 2.2.2.0 Affected: 2.2.2.1 Affected: 2.2.2.3 Affected: 2.1.2.7 Affected: 2.2.1.3 Affected: 2.2.3.0 Affected: 2.2.2.4 Affected: 2.2.2.5 Affected: 2.2.3.3 Affected: 2.2.2.7 Affected: 2.2.2.6 Affected: 2.2.2.8 Affected: 2.2.3.4 Affected: 2.1.2.8 Affected: 2.3.2.1 Affected: 2.3.2.1-AIRGAP Affected: 2.3.2.1-AIRGAP-CA Affected: 2.2.3.5 Affected: 2.3.3.0 Affected: 2.3.3.3 Affected: 2.3.3.1-AIRGAP Affected: 2.3.3.1 Affected: 2.3.2.3 Affected: 2.3.3.3-AIRGAP Affected: 2.2.3.6 Affected: 2.2.2.9 Affected: 2.3.3.0-AIRGAP Affected: 2.3.3.3-AIRGAP-CA Affected: 2.3.3.4 Affected: 2.3.3.4-AIRGAP Affected: 2.3.3.4-AIRGAP-MDNAC Affected: 2.3.3.4-HF1 Affected: 2.3.4.0 Affected: 2.3.3.5 Affected: 2.3.3.5-AIRGAP Affected: 2.3.4.0-AIRGAP Affected: 2.3.4.3 Affected: 2.3.4.3-AIRGAP Affected: 2.3.3.6 Affected: 2.3.5.0 Affected: 2.3.3.6-AIRGAP Affected: 2.3.5.0-AIRGAP Affected: 2.3.3.6-AIRGAP-MDNAC Affected: 2.3.5.0-AIRGAP-MDNAC Affected: 2.3.3.7 Affected: 2.3.3.7-AIRGAP Affected: 2.3.3.7-AIRGAP-MDNAC Affected: 2.3.6.0 Affected: 2.3.3.6-70045-HF1 Affected: 2.3.3.7-72328-AIRGAP Affected: 2.3.3.7-72323 Affected: 2.3.3.7-72328-MDNAC Affected: 2.3.5.3 Affected: 2.3.5.3-AIRGAP-MDNAC Affected: 2.3.5.3-AIRGAP Affected: 2.3.6.0-AIRGAP Affected: 2.3.7.0 Affected: 2.3.7.0-AIRGAP Affected: 2.3.7.0-AIRGAP-MDNAC Affected: 2.3.7.0-VA Affected: 2.3.5.4 Affected: 2.3.5.4-AIRGAP Affected: 2.3.5.4-AIRGAP-MDNAC Affected: 2.3.7.3 Affected: 2.3.7.3-AIRGAP Affected: 2.3.7.3-AIRGAP-MDNAC Affected: 2.3.5.5-AIRGAP Affected: 2.3.5.5 Affected: 2.3.5.5-AIRGAP-MDNAC Affected: 2.3.7.4 Affected: 2.3.7.4-AIRGAP Affected: 2.3.7.4-AIRGAP-MDNAC Affected: 1.0.0.0 Affected: 2.3.5.5-70026-HF70 Affected: 2.3.5.5-70026-HF51 Affected: 2.3.5.5-70026-HF52 Affected: 2.3.5.5-70026-HF53 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:cisco:digital_network_architecture_center:1.4.0.0:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.1.1.0:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.1.1.3:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.1.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.1.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.1.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.1.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.2.1.0:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.1.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.2.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.2.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.2.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.1.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.2.1.3:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.2.3.0:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.2.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.2.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.2.3.3:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.2.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.2.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.2.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.2.3.4:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.1.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.2.1-airgap:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.2.1-airgap-ca:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.2.3.5:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.0:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.3:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.1-airgap:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.1:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.3-airgap:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.2.3.6:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.2.2.9:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.0-airgap:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.3-airgap-ca:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.4:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.4-airgap:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.4-airgap-mdnac:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.4-hf1:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.4.0:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.5:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.5-airgap:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.4.0-airgap:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.4.3:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.4.3-airgap:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.6:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.0:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.6-airgap:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.0-airgap:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.6-airgap-mdnac:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.0-airgap-mdnac:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.7:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.7-airgap:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.7-airgap-mdnac:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.6.0:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.6-70045-hf1:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.7-72328-airgap:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.7-72323:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.3.7-72328-mdnac:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.3:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.3-airgap-mdnac:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.3-airgap:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.6.0-airgap:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.0:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.0-airgap:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.0-airgap-mdnac:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.0-va:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.4:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.4-airgap:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.4-airgap-mdnac:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.3:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.3-airgap:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.3-airgap-mdnac:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.5-airgap:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.5:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.5-airgap-mdnac:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.4:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.4-airgap:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.7.4-airgap-mdnac:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:1.0.0.0:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.5-70026-hf70:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.5-70026-hf51:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.5-70026-hf52:*:*:*:*:*:*:*",
"cpe:2.3:o:cisco:digital_network_architecture_center:2.3.5.5-70026-hf53:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "digital_network_architecture_center",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "1.4.0.0"
},
{
"status": "affected",
"version": "2.1.1.0"
},
{
"status": "affected",
"version": "2.1.1.3"
},
{
"status": "affected",
"version": "2.1.2.0"
},
{
"status": "affected",
"version": "2.1.2.3"
},
{
"status": "affected",
"version": "2.1.2.4"
},
{
"status": "affected",
"version": "2.1.2.5"
},
{
"status": "affected",
"version": "2.2.1.0"
},
{
"status": "affected",
"version": "2.1.2.6"
},
{
"status": "affected",
"version": "2.2.2.0"
},
{
"status": "affected",
"version": "2.2.2.1"
},
{
"status": "affected",
"version": "2.2.2.3"
},
{
"status": "affected",
"version": "2.1.2.7"
},
{
"status": "affected",
"version": "2.2.1.3"
},
{
"status": "affected",
"version": "2.2.3.0"
},
{
"status": "affected",
"version": "2.2.2.4"
},
{
"status": "affected",
"version": "2.2.2.5"
},
{
"status": "affected",
"version": "2.2.3.3"
},
{
"status": "affected",
"version": "2.2.2.7"
},
{
"status": "affected",
"version": "2.2.2.6"
},
{
"status": "affected",
"version": "2.2.2.8"
},
{
"status": "affected",
"version": "2.2.3.4"
},
{
"status": "affected",
"version": "2.1.2.8"
},
{
"status": "affected",
"version": "2.3.2.1"
},
{
"status": "affected",
"version": "2.3.2.1-airgap"
},
{
"status": "affected",
"version": "2.3.2.1-airgap-ca"
},
{
"status": "affected",
"version": "2.2.3.5"
},
{
"status": "affected",
"version": "2.3.3.0"
},
{
"status": "affected",
"version": "2.3.3.3"
},
{
"status": "affected",
"version": "2.3.3.1-airgap"
},
{
"status": "affected",
"version": "2.3.3.1"
},
{
"status": "affected",
"version": "2.3.2.3"
},
{
"status": "affected",
"version": "2.3.3.3-airgap"
},
{
"status": "affected",
"version": "2.2.3.6"
},
{
"status": "affected",
"version": "2.2.2.9"
},
{
"status": "affected",
"version": "2.3.3.0-airgap"
},
{
"status": "affected",
"version": "2.3.3.3-airgap-ca"
},
{
"status": "affected",
"version": "2.3.3.4"
},
{
"status": "affected",
"version": "2.3.3.4-airgap"
},
{
"status": "affected",
"version": "2.3.3.4-airgap-mdnac"
},
{
"status": "affected",
"version": "2.3.3.4-hf1"
},
{
"status": "affected",
"version": "2.3.4.0"
},
{
"status": "affected",
"version": "2.3.3.5"
},
{
"status": "affected",
"version": "2.3.3.5-airgap"
},
{
"status": "affected",
"version": "2.3.4.0-airgap"
},
{
"status": "affected",
"version": "2.3.4.3"
},
{
"status": "affected",
"version": "2.3.4.3-airgap"
},
{
"status": "affected",
"version": "2.3.3.6"
},
{
"status": "affected",
"version": "2.3.5.0"
},
{
"status": "affected",
"version": "2.3.3.6-airgap"
},
{
"status": "affected",
"version": "2.3.5.0-airgap"
},
{
"status": "affected",
"version": "2.3.3.6-airgap-mdnac"
},
{
"status": "affected",
"version": "2.3.5.0-airgap-mdnac"
},
{
"status": "affected",
"version": "2.3.3.7"
},
{
"status": "affected",
"version": "2.3.3.7-airgap"
},
{
"status": "affected",
"version": "2.3.3.7-airgap-mdnac"
},
{
"status": "affected",
"version": "2.3.6.0"
},
{
"status": "affected",
"version": "2.3.3.6-70045-hf1"
},
{
"status": "affected",
"version": "2.3.3.7-72328-airgap"
},
{
"status": "affected",
"version": "2.3.3.7-72323"
},
{
"status": "affected",
"version": "2.3.3.7-72328-mdnac"
},
{
"status": "affected",
"version": "2.3.5.3"
},
{
"status": "affected",
"version": "2.3.5.3-airgap-mdnac"
},
{
"status": "affected",
"version": "2.3.5.3-airgap"
},
{
"status": "affected",
"version": "2.3.6.0-airgap"
},
{
"status": "affected",
"version": "2.3.7.0"
},
{
"status": "affected",
"version": "2.3.7.0-airgap"
},
{
"status": "affected",
"version": "2.3.7.0-airgap-mdnac"
},
{
"status": "affected",
"version": "2.3.7.0-va"
},
{
"status": "affected",
"version": "2.3.5.4"
},
{
"status": "affected",
"version": "2.3.5.4-airgap"
},
{
"status": "affected",
"version": "2.3.5.4-airgap-mdnac"
},
{
"status": "affected",
"version": "2.3.7.3"
},
{
"status": "affected",
"version": "2.3.7.3-airgap"
},
{
"status": "affected",
"version": "2.3.7.3-airgap-mdnac"
},
{
"status": "affected",
"version": "2.3.5.5-airgap"
},
{
"status": "affected",
"version": "2.3.5.5"
},
{
"status": "affected",
"version": "2.3.5.5-airgap-mdnac"
},
{
"status": "affected",
"version": "2.3.7.4"
},
{
"status": "affected",
"version": "2.3.7.4-airgap"
},
{
"status": "affected",
"version": "2.3.7.4-airgap-mdnac"
},
{
"status": "affected",
"version": "1.0.0.0"
},
{
"status": "affected",
"version": "2.3.5.5-70026-hf70"
},
{
"status": "affected",
"version": "2.3.5.5-70026-hf51"
},
{
"status": "affected",
"version": "2.3.5.5-70026-hf52"
},
{
"status": "affected",
"version": "2.3.5.5-70026-hf53"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20350",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-27T03:55:13.779Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Digital Network Architecture Center (DNA Center)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "1.4.0.0"
},
{
"status": "affected",
"version": "2.1.1.0"
},
{
"status": "affected",
"version": "2.1.1.3"
},
{
"status": "affected",
"version": "2.1.2.0"
},
{
"status": "affected",
"version": "2.1.2.3"
},
{
"status": "affected",
"version": "2.1.2.4"
},
{
"status": "affected",
"version": "2.1.2.5"
},
{
"status": "affected",
"version": "2.2.1.0"
},
{
"status": "affected",
"version": "2.1.2.6"
},
{
"status": "affected",
"version": "2.2.2.0"
},
{
"status": "affected",
"version": "2.2.2.1"
},
{
"status": "affected",
"version": "2.2.2.3"
},
{
"status": "affected",
"version": "2.1.2.7"
},
{
"status": "affected",
"version": "2.2.1.3"
},
{
"status": "affected",
"version": "2.2.3.0"
},
{
"status": "affected",
"version": "2.2.2.4"
},
{
"status": "affected",
"version": "2.2.2.5"
},
{
"status": "affected",
"version": "2.2.3.3"
},
{
"status": "affected",
"version": "2.2.2.7"
},
{
"status": "affected",
"version": "2.2.2.6"
},
{
"status": "affected",
"version": "2.2.2.8"
},
{
"status": "affected",
"version": "2.2.3.4"
},
{
"status": "affected",
"version": "2.1.2.8"
},
{
"status": "affected",
"version": "2.3.2.1"
},
{
"status": "affected",
"version": "2.3.2.1-AIRGAP"
},
{
"status": "affected",
"version": "2.3.2.1-AIRGAP-CA"
},
{
"status": "affected",
"version": "2.2.3.5"
},
{
"status": "affected",
"version": "2.3.3.0"
},
{
"status": "affected",
"version": "2.3.3.3"
},
{
"status": "affected",
"version": "2.3.3.1-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.1"
},
{
"status": "affected",
"version": "2.3.2.3"
},
{
"status": "affected",
"version": "2.3.3.3-AIRGAP"
},
{
"status": "affected",
"version": "2.2.3.6"
},
{
"status": "affected",
"version": "2.2.2.9"
},
{
"status": "affected",
"version": "2.3.3.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.3-AIRGAP-CA"
},
{
"status": "affected",
"version": "2.3.3.4"
},
{
"status": "affected",
"version": "2.3.3.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.3.4-HF1"
},
{
"status": "affected",
"version": "2.3.4.0"
},
{
"status": "affected",
"version": "2.3.3.5"
},
{
"status": "affected",
"version": "2.3.3.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.4.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.4.3"
},
{
"status": "affected",
"version": "2.3.4.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.6"
},
{
"status": "affected",
"version": "2.3.5.0"
},
{
"status": "affected",
"version": "2.3.3.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.0-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.3.7"
},
{
"status": "affected",
"version": "2.3.3.7-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.7-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.6.0"
},
{
"status": "affected",
"version": "2.3.3.6-70045-HF1"
},
{
"status": "affected",
"version": "2.3.3.7-72328-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.7-72323"
},
{
"status": "affected",
"version": "2.3.3.7-72328-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.3"
},
{
"status": "affected",
"version": "2.3.5.3-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.6.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.0"
},
{
"status": "affected",
"version": "2.3.7.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.0-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.0-VA"
},
{
"status": "affected",
"version": "2.3.5.4"
},
{
"status": "affected",
"version": "2.3.5.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.3"
},
{
"status": "affected",
"version": "2.3.7.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.3-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.5"
},
{
"status": "affected",
"version": "2.3.5.5-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.4"
},
{
"status": "affected",
"version": "2.3.7.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "1.0.0.0"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF70"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF51"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF52"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF53"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the SSH server of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker to impersonate a Cisco Catalyst Center appliance.\r\n\r\nThis vulnerability is due to the presence of a static SSH host key. An attacker could exploit this vulnerability by performing a machine-in-the-middle attack on SSH connections, which could allow the attacker to intercept traffic between SSH clients and a Cisco Catalyst Center appliance. A successful exploit could allow the attacker to impersonate the affected appliance, inject commands into the terminal session, and steal valid user credentials."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-321",
"description": "Use of Hard-coded Cryptographic Key",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-25T16:19:15.162Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-dnac-ssh-e4uOdASj",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-ssh-e4uOdASj"
}
],
"source": {
"advisory": "cisco-sa-dnac-ssh-e4uOdASj",
"defects": [
"CSCwi40467"
],
"discovery": "INTERNAL"
},
"title": "Cisco Catalyst Center Static SSH Host Key Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20350",
"datePublished": "2024-09-25T16:19:15.162Z",
"dateReserved": "2023-11-08T15:08:07.646Z",
"dateUpdated": "2024-09-27T03:55:13.779Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20333 (GCVE-0-2024-20333)
Vulnerability from nvd – Published: 2024-03-27 16:43 – Updated: 2024-08-01 21:59
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated, remote attacker to change specific data within the interface on an affected device.
This vulnerability is due to insufficient authorization enforcement. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to change a specific field within the web-based management interface, even though they should not have access to change that field.
Severity ?
4.3 (Medium)
CWE
- CWE-285 - Improper Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Digital Network Architecture Center (DNA Center) |
Affected:
2.1.2.0
Affected: 2.1.2.3 Affected: 2.1.2.4 Affected: 2.1.2.5 Affected: 2.1.2.6 Affected: 2.1.2.7 Affected: 2.1.2.8 Affected: 2.2.2.3 Affected: 2.2.1.3 Affected: 2.2.2.4 Affected: 2.2.2.5 Affected: 2.2.2.8 Affected: 2.2.3.4 Affected: 2.2.3.3 Affected: 2.2.2.6 Affected: 2.2.3.5 Affected: 2.2.2.9 Affected: 2.2.3.6 Affected: 2.3.3.4 Affected: 2.3.3.5 Affected: 2.3.3.6 Affected: 2.3.3.7 Affected: 2.3.5.3 Affected: VA Launchpad 1.2.1 Affected: VA Launchpad 1.3.0 Affected: VA Launchpad 1.5.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20333",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-27T19:47:40.981598Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:40:11.205Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:59:42.856Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-ccc-authz-bypass-5EKchJRb",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ccc-authz-bypass-5EKchJRb"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Digital Network Architecture Center (DNA Center)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "2.1.2.0"
},
{
"status": "affected",
"version": "2.1.2.3"
},
{
"status": "affected",
"version": "2.1.2.4"
},
{
"status": "affected",
"version": "2.1.2.5"
},
{
"status": "affected",
"version": "2.1.2.6"
},
{
"status": "affected",
"version": "2.1.2.7"
},
{
"status": "affected",
"version": "2.1.2.8"
},
{
"status": "affected",
"version": "2.2.2.3"
},
{
"status": "affected",
"version": "2.2.1.3"
},
{
"status": "affected",
"version": "2.2.2.4"
},
{
"status": "affected",
"version": "2.2.2.5"
},
{
"status": "affected",
"version": "2.2.2.8"
},
{
"status": "affected",
"version": "2.2.3.4"
},
{
"status": "affected",
"version": "2.2.3.3"
},
{
"status": "affected",
"version": "2.2.2.6"
},
{
"status": "affected",
"version": "2.2.3.5"
},
{
"status": "affected",
"version": "2.2.2.9"
},
{
"status": "affected",
"version": "2.2.3.6"
},
{
"status": "affected",
"version": "2.3.3.4"
},
{
"status": "affected",
"version": "2.3.3.5"
},
{
"status": "affected",
"version": "2.3.3.6"
},
{
"status": "affected",
"version": "2.3.3.7"
},
{
"status": "affected",
"version": "2.3.5.3"
},
{
"status": "affected",
"version": "VA Launchpad 1.2.1"
},
{
"status": "affected",
"version": "VA Launchpad 1.3.0"
},
{
"status": "affected",
"version": "VA Launchpad 1.5.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated, remote attacker to change specific data within the interface on an affected device.\r\n\r This vulnerability is due to insufficient authorization enforcement. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to change a specific field within the web-based management interface, even though they should not have access to change that field."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "Improper Authorization",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-27T16:43:33.371Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ccc-authz-bypass-5EKchJRb",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ccc-authz-bypass-5EKchJRb"
}
],
"source": {
"advisory": "cisco-sa-ccc-authz-bypass-5EKchJRb",
"defects": [
"CSCwd69988"
],
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20333",
"datePublished": "2024-03-27T16:43:33.371Z",
"dateReserved": "2023-11-08T15:08:07.641Z",
"dateUpdated": "2024-08-01T21:59:42.856Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20183 (GCVE-0-2023-20183)
Vulnerability from nvd – Published: 2023-05-18 00:00 – Updated: 2024-10-25 15:57
VLAI?
Summary
Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more information about these vulnerabilities, see the Details section of this advisory.
Severity ?
5.4 (Medium)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Digital Network Architecture Center (DNA Center) |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:05:35.013Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20230517 Cisco DNA Center Software API Vulnerabilities",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-multiple-kTQkGU3"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20183",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-25T14:34:10.554079Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T15:57:09.240Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Digital Network Architecture Center (DNA Center) ",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2023-05-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more information about these vulnerabilities, see the Details section of this advisory."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. "
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-18T00:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20230517 Cisco DNA Center Software API Vulnerabilities",
"tags": [
"vendor-advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-multiple-kTQkGU3"
}
],
"source": {
"advisory": "cisco-sa-dnac-multiple-kTQkGU3",
"defect": [
[
"CSCwd58359",
"CSCwd58450",
"CSCwd59863"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco DNA Center Software API Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20183",
"datePublished": "2023-05-18T00:00:00",
"dateReserved": "2022-10-27T00:00:00",
"dateUpdated": "2024-10-25T15:57:09.240Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20182 (GCVE-0-2023-20182)
Vulnerability from nvd – Published: 2023-05-18 00:00 – Updated: 2024-10-25 15:57
VLAI?
Summary
Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more information about these vulnerabilities, see the Details section of this advisory.
Severity ?
5.4 (Medium)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Digital Network Architecture Center (DNA Center) |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:05:35.868Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20230517 Cisco DNA Center Software API Vulnerabilities",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-multiple-kTQkGU3"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20182",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-25T14:34:11.905248Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T15:57:16.899Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Digital Network Architecture Center (DNA Center) ",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2023-05-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more information about these vulnerabilities, see the Details section of this advisory."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. "
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-18T00:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20230517 Cisco DNA Center Software API Vulnerabilities",
"tags": [
"vendor-advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-multiple-kTQkGU3"
}
],
"source": {
"advisory": "cisco-sa-dnac-multiple-kTQkGU3",
"defect": [
[
"CSCwd58359",
"CSCwd58450",
"CSCwd59863"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco DNA Center Software API Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20182",
"datePublished": "2023-05-18T00:00:00",
"dateReserved": "2022-10-27T00:00:00",
"dateUpdated": "2024-10-25T15:57:16.899Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-20184 (GCVE-0-2023-20184)
Vulnerability from nvd – Published: 2023-05-18 00:00 – Updated: 2024-10-25 15:57
VLAI?
Summary
Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more information about these vulnerabilities, see the Details section of this advisory.
Severity ?
5.4 (Medium)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Digital Network Architecture Center (DNA Center) |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:05:36.718Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20230517 Cisco DNA Center Software API Vulnerabilities",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-multiple-kTQkGU3"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20184",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-25T14:34:08.758472Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-25T15:57:01.471Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Digital Network Architecture Center (DNA Center) ",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2023-05-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more information about these vulnerabilities, see the Details section of this advisory."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. "
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-18T00:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20230517 Cisco DNA Center Software API Vulnerabilities",
"tags": [
"vendor-advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-multiple-kTQkGU3"
}
],
"source": {
"advisory": "cisco-sa-dnac-multiple-kTQkGU3",
"defect": [
[
"CSCwd58359",
"CSCwd58450",
"CSCwd59863"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco DNA Center Software API Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20184",
"datePublished": "2023-05-18T00:00:00",
"dateReserved": "2022-10-27T00:00:00",
"dateUpdated": "2024-10-25T15:57:01.471Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}