Search criteria
6315 vulnerabilities by cisco
CVE-2026-20119 (GCVE-0-2026-20119)
Vulnerability from cvelistv5 – Published: 2026-02-04 16:12 – Updated: 2026-02-12 18:49
VLAI?
Title
Cisco TelePresence Collaboration Endpoint Software and RoomOS Software Denial of Service Vulnerability
Summary
A vulnerability in the text rendering subsystem of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
This vulnerability is due to insufficient validation of input received by an affected device. An attacker could exploit this vulnerability by getting the affected device to render crafted text, for example, a crafted meeting invitation. As indicated in the CVSS score, no user interaction is required, such as accepting the meeting invitation. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.
Severity ?
7.5 (High)
CWE
- CWE-1287 - Improper Validation of Specified Type of Input
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco RoomOS Software |
Affected:
RoomOS 10.11.2.2
Affected: RoomOS 10.15.2.2 Affected: RoomOS 11.5.4.6 Affected: RoomOS 11.5.2.4 Affected: RoomOS 10.8.2.5 Affected: RoomOS 10.11.5.2 Affected: RoomOS 10.11.3.0 Affected: RoomOS 10.15.5.3 Affected: RoomOS 10.19.2.2 Affected: RoomOS 11.1.3.1 Affected: RoomOS 10.11.6.0 Affected: RoomOS 10.19.3.0 Affected: RoomOS 10.19.4.2 Affected: RoomOS 10.3.2.4 Affected: RoomOS 10.3.4.0 Affected: RoomOS 10.15.3.0 Affected: RoomOS 11.1.4.1 Affected: RoomOS 11.14.2.3 Affected: RoomOS 11.1.2.4 Affected: RoomOS 10.8.3.1 Affected: RoomOS 11.14.2.1 Affected: RoomOS 10.3.3.0 Affected: RoomOS 10.8.4.0 Affected: RoomOS 10.15.4.1 Affected: RoomOS 10.19.5.6 Affected: RoomOS 10.11.4.1 Affected: RoomOS 11.9.3.1 Affected: RoomOS 11.5.3.3 Affected: RoomOS 10.3.2.0 Affected: RoomOS 11.9.2.4 Affected: RoomOS 11.14.3.0 Affected: RoomOS 11.17.2.2 Affected: RoomOS 11.14.4.0 Affected: RoomOS 10.19 StepUpg Affected: RoomOS 11.17.3.0 Affected: RoomOS 11.20.2.3 Affected: RoomOS 11.14.5.0 Affected: RoomOS 11.17.4.0 Affected: RoomOS 11.20.3.0 Affected: RoomOS 11.23.1.6 Affected: RoomOS 11.23.1.8 Affected: RoomOS 11.24.1.5 Affected: RoomOS 11.24.2.4 Affected: RoomOS 11.24.3.0 Affected: RoomOS 11.24.4.1 Affected: RoomOS 11.27.2.0 Affected: RoomOS 11.28.1.3 Affected: RoomOS 11.27.3.0 Affected: RoomOS 11.31.1.5 Affected: RoomOS 11.27.4.0 Affected: RoomOS 11.32.2.1 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20119",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-04T16:41:56.418229Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-04T16:42:15.817Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco RoomOS Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "RoomOS 10.11.2.2"
},
{
"status": "affected",
"version": "RoomOS 10.15.2.2"
},
{
"status": "affected",
"version": "RoomOS 11.5.4.6"
},
{
"status": "affected",
"version": "RoomOS 11.5.2.4"
},
{
"status": "affected",
"version": "RoomOS 10.8.2.5"
},
{
"status": "affected",
"version": "RoomOS 10.11.5.2"
},
{
"status": "affected",
"version": "RoomOS 10.11.3.0"
},
{
"status": "affected",
"version": "RoomOS 10.15.5.3"
},
{
"status": "affected",
"version": "RoomOS 10.19.2.2"
},
{
"status": "affected",
"version": "RoomOS 11.1.3.1"
},
{
"status": "affected",
"version": "RoomOS 10.11.6.0"
},
{
"status": "affected",
"version": "RoomOS 10.19.3.0"
},
{
"status": "affected",
"version": "RoomOS 10.19.4.2"
},
{
"status": "affected",
"version": "RoomOS 10.3.2.4"
},
{
"status": "affected",
"version": "RoomOS 10.3.4.0"
},
{
"status": "affected",
"version": "RoomOS 10.15.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.1.4.1"
},
{
"status": "affected",
"version": "RoomOS 11.14.2.3"
},
{
"status": "affected",
"version": "RoomOS 11.1.2.4"
},
{
"status": "affected",
"version": "RoomOS 10.8.3.1"
},
{
"status": "affected",
"version": "RoomOS 11.14.2.1"
},
{
"status": "affected",
"version": "RoomOS 10.3.3.0"
},
{
"status": "affected",
"version": "RoomOS 10.8.4.0"
},
{
"status": "affected",
"version": "RoomOS 10.15.4.1"
},
{
"status": "affected",
"version": "RoomOS 10.19.5.6"
},
{
"status": "affected",
"version": "RoomOS 10.11.4.1"
},
{
"status": "affected",
"version": "RoomOS 11.9.3.1"
},
{
"status": "affected",
"version": "RoomOS 11.5.3.3"
},
{
"status": "affected",
"version": "RoomOS 10.3.2.0"
},
{
"status": "affected",
"version": "RoomOS 11.9.2.4"
},
{
"status": "affected",
"version": "RoomOS 11.14.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.17.2.2"
},
{
"status": "affected",
"version": "RoomOS 11.14.4.0"
},
{
"status": "affected",
"version": "RoomOS 10.19 StepUpg"
},
{
"status": "affected",
"version": "RoomOS 11.17.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.20.2.3"
},
{
"status": "affected",
"version": "RoomOS 11.14.5.0"
},
{
"status": "affected",
"version": "RoomOS 11.17.4.0"
},
{
"status": "affected",
"version": "RoomOS 11.20.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.23.1.6"
},
{
"status": "affected",
"version": "RoomOS 11.23.1.8"
},
{
"status": "affected",
"version": "RoomOS 11.24.1.5"
},
{
"status": "affected",
"version": "RoomOS 11.24.2.4"
},
{
"status": "affected",
"version": "RoomOS 11.24.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.24.4.1"
},
{
"status": "affected",
"version": "RoomOS 11.27.2.0"
},
{
"status": "affected",
"version": "RoomOS 11.28.1.3"
},
{
"status": "affected",
"version": "RoomOS 11.27.3.0"
},
{
"status": "affected",
"version": "RoomOS 11.31.1.5"
},
{
"status": "affected",
"version": "RoomOS 11.27.4.0"
},
{
"status": "affected",
"version": "RoomOS 11.32.2.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco TelePresence Endpoint Software (TC/CE)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "CE9.3.0"
},
{
"status": "affected",
"version": "CE9.10.2"
},
{
"status": "affected",
"version": "CE9.2.6"
},
{
"status": "affected",
"version": "CE9.5.0"
},
{
"status": "affected",
"version": "CE9.3.3"
},
{
"status": "affected",
"version": "CE9.1.4"
},
{
"status": "affected",
"version": "CE9.3.2"
},
{
"status": "affected",
"version": "CE9.4.2"
},
{
"status": "affected",
"version": "CE9.3.1"
},
{
"status": "affected",
"version": "CE9.2.5"
},
{
"status": "affected",
"version": "CE9.9.3"
},
{
"status": "affected",
"version": "CE9.5.3"
},
{
"status": "affected",
"version": "CE9.10.3"
},
{
"status": "affected",
"version": "CE9.1.5"
},
{
"status": "affected",
"version": "CE9.5.2"
},
{
"status": "affected",
"version": "CE9.4.1"
},
{
"status": "affected",
"version": "CE9.6.1"
},
{
"status": "affected",
"version": "CE9.2.4"
},
{
"status": "affected",
"version": "CE9.5.1"
},
{
"status": "affected",
"version": "CE9.10.1"
},
{
"status": "affected",
"version": "CE9.1.2"
},
{
"status": "affected",
"version": "CE9.1.1"
},
{
"status": "affected",
"version": "CE9.9.4"
},
{
"status": "affected",
"version": "CE9.2.1"
},
{
"status": "affected",
"version": "CE9.1.3"
},
{
"status": "affected",
"version": "CE9.0.1"
},
{
"status": "affected",
"version": "CE9.1.6"
},
{
"status": "affected",
"version": "CE9.2.2"
},
{
"status": "affected",
"version": "CE9.4.0"
},
{
"status": "affected",
"version": "CE9.10.0"
},
{
"status": "affected",
"version": "CE9.2.3"
},
{
"status": "affected",
"version": "CE9.12.3"
},
{
"status": "affected",
"version": "CE9.15.18.4"
},
{
"status": "affected",
"version": "CE9.15.3.14"
},
{
"status": "affected",
"version": "CE9.15.18.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the text rendering subsystem of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r\nThis vulnerability is due to insufficient validation of input received by an affected device. An attacker could exploit this vulnerability by getting the affected device to render crafted text, for example, a crafted meeting invitation. As indicated in the CVSS score, no user interaction is required, such as accepting the meeting invitation. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1287",
"description": "Improper Validation of Specified Type of Input",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-12T18:49:48.060Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-tce-roomos-dos-9V9jrC2q",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tce-roomos-dos-9V9jrC2q"
}
],
"source": {
"advisory": "cisco-sa-tce-roomos-dos-9V9jrC2q",
"defects": [
"CSCws04170"
],
"discovery": "INTERNAL"
},
"title": "Cisco TelePresence Collaboration Endpoint Software and RoomOS Software Denial of Service Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20119",
"datePublished": "2026-02-04T16:12:04.796Z",
"dateReserved": "2025-10-08T11:59:15.377Z",
"dateUpdated": "2026-02-12T18:49:48.060Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20111 (GCVE-0-2026-20111)
Vulnerability from cvelistv5 – Published: 2026-02-04 16:11 – Updated: 2026-02-04 16:41
VLAI?
Title
Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability
Summary
A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against users of the interface of an affected system.
This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious code into specific data fields in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, an attacker must have valid administrative credentials.
Severity ?
4.8 (Medium)
CWE
- CWE-798 - Use of Hard-coded Credentials
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Prime Infrastructure |
Affected:
3.0.0
Affected: 3.1.0 Affected: 3.1.5 Affected: 2.1 Affected: 2.0.0 Affected: 3.6.0 Affected: 3.7.0 Affected: 3.4.0 Affected: 3.3.0 Affected: 3.2 Affected: 3.5.0 Affected: 3.2.0-FIPS Affected: 2.2 Affected: 3.8.0-FED Affected: 3.9.0 Affected: 3.8.0 Affected: 3.10.0 Affected: 3.1.1 Affected: 2.1.2 Affected: 2.2.1 Affected: 2.2.0 Affected: 3.0.2 Affected: 3.0.3 Affected: 3.0.1 Affected: 2.2.2 Affected: 2.2.3 Affected: 2.1.0 Affected: 2.1.1 Affected: 3.9.1 Affected: 2.0.10 Affected: 3.8.1 Affected: 3.7.1 Affected: 3.5.1 Affected: 3.4.2 Affected: 3.3.1 Affected: 3.1.7 Affected: 3.2.1 Affected: 3.2.2 Affected: 3.1.6 Affected: 3.1.2 Affected: 3.4.1 Affected: 3.1.3 Affected: 3.1.4 Affected: 3.0.6 Affected: 2.2.10 Affected: 3.0.4 Affected: 3.0.5 Affected: 2.1.56 Affected: 2.2.4 Affected: 2.2.9 Affected: 2.2.8 Affected: 2.2.5 Affected: 2.2.7 Affected: 2.0.39 Affected: 3.8_DP1 Affected: 3.9_DP1 Affected: 3.7_DP2 Affected: 3.6_DP1 Affected: 3.5_DP4 Affected: 3.5_DP2 Affected: 3.4_DP10 Affected: 3.7_DP1 Affected: 3.5_DP3 Affected: 3.4_DP11 Affected: 3.5_DP1 Affected: 3.4_DP8 Affected: 3.4_DP1 Affected: 3.4_DP3 Affected: 3.4_DP5 Affected: 3.4_DP2 Affected: 3.4_DP7 Affected: 3.4_DP6 Affected: 3.3_DP4 Affected: 3.4_DP4 Affected: 3.4_DP9 Affected: 3.1_DP16 Affected: 3.3_DP2 Affected: 3.3_DP3 Affected: 3.1_DP15 Affected: 3.3_DP1 Affected: 3.1_DP13 Affected: 3.2_DP2 Affected: 3.2_DP1 Affected: 3.2_DP3 Affected: 3.1_DP14 Affected: 3.2_DP4 Affected: 3.1_DP7 Affected: 3.1_DP10 Affected: 3.1_DP11 Affected: 3.1_DP4 Affected: 3.1_DP6 Affected: 3.1_DP12 Affected: 3.1_DP5 Affected: 3.0.7 Affected: 3.1_DP9 Affected: 3.1_DP8 Affected: 3.10_DP1 Affected: 3.10.2 Affected: 3.10.3 Affected: 3.10 Affected: 3.10.1 Affected: 3.7.1 Update 03 Affected: 3.7.1 Update 04 Affected: 3.7.1 Update 06 Affected: 3.7.1 Update 07 Affected: 3.8.1 Update 01 Affected: 3.8.1 Update 02 Affected: 3.8.1 Update 03 Affected: 3.8.1 Update 04 Affected: 3.9.1 Update 01 Affected: 3.9.1 Update 02 Affected: 3.9.1 Update 03 Affected: 3.9.1 Update 04 Affected: 3.10 Update 01 Affected: 3.4.2 Update 01 Affected: 3.6.0 Update 04 Affected: 3.6.0 Update 02 Affected: 3.6.0 Update 03 Affected: 3.6.0 Update 01 Affected: 3.5.1 Update 03 Affected: 3.5.1 Update 01 Affected: 3.5.1 Update 02 Affected: 3.7.0 Update 03 Affected: 2.2.3 Update 05 Affected: 2.2.3 Update 04 Affected: 2.2.3 Update 06 Affected: 2.2.3 Update 03 Affected: 2.2.3 Update 02 Affected: 2.2.1 Update 01 Affected: 2.2.2 Update 03 Affected: 2.2.2 Update 04 Affected: 3.8.0 Update 01 Affected: 3.8.0 Update 02 Affected: 3.7.1 Update 01 Affected: 3.7.1 Update 02 Affected: 3.7.1 Update 05 Affected: 3.9.0 Update 01 Affected: 3.3.0 Update 01 Affected: 3.4.1 Update 02 Affected: 3.4.1 Update 01 Affected: 3.5.0 Update 03 Affected: 3.5.0 Update 01 Affected: 3.5.0 Update 02 Affected: 3.10.4 Affected: 3.10.4 Update 01 Affected: 3.10.4 Update 02 Affected: 3.10.4 Update 03 Affected: 3.10.5 Affected: 3.10.6 Affected: 3.10.6 Update 01 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20111",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-04T16:41:28.347358Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-04T16:41:39.389Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Prime Infrastructure",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.5"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.0.0"
},
{
"status": "affected",
"version": "3.6.0"
},
{
"status": "affected",
"version": "3.7.0"
},
{
"status": "affected",
"version": "3.4.0"
},
{
"status": "affected",
"version": "3.3.0"
},
{
"status": "affected",
"version": "3.2"
},
{
"status": "affected",
"version": "3.5.0"
},
{
"status": "affected",
"version": "3.2.0-FIPS"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "3.8.0-FED"
},
{
"status": "affected",
"version": "3.9.0"
},
{
"status": "affected",
"version": "3.8.0"
},
{
"status": "affected",
"version": "3.10.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "2.1.2"
},
{
"status": "affected",
"version": "2.2.1"
},
{
"status": "affected",
"version": "2.2.0"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.0.3"
},
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "2.2.2"
},
{
"status": "affected",
"version": "2.2.3"
},
{
"status": "affected",
"version": "2.1.0"
},
{
"status": "affected",
"version": "2.1.1"
},
{
"status": "affected",
"version": "3.9.1"
},
{
"status": "affected",
"version": "2.0.10"
},
{
"status": "affected",
"version": "3.8.1"
},
{
"status": "affected",
"version": "3.7.1"
},
{
"status": "affected",
"version": "3.5.1"
},
{
"status": "affected",
"version": "3.4.2"
},
{
"status": "affected",
"version": "3.3.1"
},
{
"status": "affected",
"version": "3.1.7"
},
{
"status": "affected",
"version": "3.2.1"
},
{
"status": "affected",
"version": "3.2.2"
},
{
"status": "affected",
"version": "3.1.6"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "3.4.1"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "3.1.4"
},
{
"status": "affected",
"version": "3.0.6"
},
{
"status": "affected",
"version": "2.2.10"
},
{
"status": "affected",
"version": "3.0.4"
},
{
"status": "affected",
"version": "3.0.5"
},
{
"status": "affected",
"version": "2.1.56"
},
{
"status": "affected",
"version": "2.2.4"
},
{
"status": "affected",
"version": "2.2.9"
},
{
"status": "affected",
"version": "2.2.8"
},
{
"status": "affected",
"version": "2.2.5"
},
{
"status": "affected",
"version": "2.2.7"
},
{
"status": "affected",
"version": "2.0.39"
},
{
"status": "affected",
"version": "3.8_DP1"
},
{
"status": "affected",
"version": "3.9_DP1"
},
{
"status": "affected",
"version": "3.7_DP2"
},
{
"status": "affected",
"version": "3.6_DP1"
},
{
"status": "affected",
"version": "3.5_DP4"
},
{
"status": "affected",
"version": "3.5_DP2"
},
{
"status": "affected",
"version": "3.4_DP10"
},
{
"status": "affected",
"version": "3.7_DP1"
},
{
"status": "affected",
"version": "3.5_DP3"
},
{
"status": "affected",
"version": "3.4_DP11"
},
{
"status": "affected",
"version": "3.5_DP1"
},
{
"status": "affected",
"version": "3.4_DP8"
},
{
"status": "affected",
"version": "3.4_DP1"
},
{
"status": "affected",
"version": "3.4_DP3"
},
{
"status": "affected",
"version": "3.4_DP5"
},
{
"status": "affected",
"version": "3.4_DP2"
},
{
"status": "affected",
"version": "3.4_DP7"
},
{
"status": "affected",
"version": "3.4_DP6"
},
{
"status": "affected",
"version": "3.3_DP4"
},
{
"status": "affected",
"version": "3.4_DP4"
},
{
"status": "affected",
"version": "3.4_DP9"
},
{
"status": "affected",
"version": "3.1_DP16"
},
{
"status": "affected",
"version": "3.3_DP2"
},
{
"status": "affected",
"version": "3.3_DP3"
},
{
"status": "affected",
"version": "3.1_DP15"
},
{
"status": "affected",
"version": "3.3_DP1"
},
{
"status": "affected",
"version": "3.1_DP13"
},
{
"status": "affected",
"version": "3.2_DP2"
},
{
"status": "affected",
"version": "3.2_DP1"
},
{
"status": "affected",
"version": "3.2_DP3"
},
{
"status": "affected",
"version": "3.1_DP14"
},
{
"status": "affected",
"version": "3.2_DP4"
},
{
"status": "affected",
"version": "3.1_DP7"
},
{
"status": "affected",
"version": "3.1_DP10"
},
{
"status": "affected",
"version": "3.1_DP11"
},
{
"status": "affected",
"version": "3.1_DP4"
},
{
"status": "affected",
"version": "3.1_DP6"
},
{
"status": "affected",
"version": "3.1_DP12"
},
{
"status": "affected",
"version": "3.1_DP5"
},
{
"status": "affected",
"version": "3.0.7"
},
{
"status": "affected",
"version": "3.1_DP9"
},
{
"status": "affected",
"version": "3.1_DP8"
},
{
"status": "affected",
"version": "3.10_DP1"
},
{
"status": "affected",
"version": "3.10.2"
},
{
"status": "affected",
"version": "3.10.3"
},
{
"status": "affected",
"version": "3.10"
},
{
"status": "affected",
"version": "3.10.1"
},
{
"status": "affected",
"version": "3.7.1 Update 03"
},
{
"status": "affected",
"version": "3.7.1 Update 04"
},
{
"status": "affected",
"version": "3.7.1 Update 06"
},
{
"status": "affected",
"version": "3.7.1 Update 07"
},
{
"status": "affected",
"version": "3.8.1 Update 01"
},
{
"status": "affected",
"version": "3.8.1 Update 02"
},
{
"status": "affected",
"version": "3.8.1 Update 03"
},
{
"status": "affected",
"version": "3.8.1 Update 04"
},
{
"status": "affected",
"version": "3.9.1 Update 01"
},
{
"status": "affected",
"version": "3.9.1 Update 02"
},
{
"status": "affected",
"version": "3.9.1 Update 03"
},
{
"status": "affected",
"version": "3.9.1 Update 04"
},
{
"status": "affected",
"version": "3.10 Update 01"
},
{
"status": "affected",
"version": "3.4.2 Update 01"
},
{
"status": "affected",
"version": "3.6.0 Update 04"
},
{
"status": "affected",
"version": "3.6.0 Update 02"
},
{
"status": "affected",
"version": "3.6.0 Update 03"
},
{
"status": "affected",
"version": "3.6.0 Update 01"
},
{
"status": "affected",
"version": "3.5.1 Update 03"
},
{
"status": "affected",
"version": "3.5.1 Update 01"
},
{
"status": "affected",
"version": "3.5.1 Update 02"
},
{
"status": "affected",
"version": "3.7.0 Update 03"
},
{
"status": "affected",
"version": "2.2.3 Update 05"
},
{
"status": "affected",
"version": "2.2.3 Update 04"
},
{
"status": "affected",
"version": "2.2.3 Update 06"
},
{
"status": "affected",
"version": "2.2.3 Update 03"
},
{
"status": "affected",
"version": "2.2.3 Update 02"
},
{
"status": "affected",
"version": "2.2.1 Update 01"
},
{
"status": "affected",
"version": "2.2.2 Update 03"
},
{
"status": "affected",
"version": "2.2.2 Update 04"
},
{
"status": "affected",
"version": "3.8.0 Update 01"
},
{
"status": "affected",
"version": "3.8.0 Update 02"
},
{
"status": "affected",
"version": "3.7.1 Update 01"
},
{
"status": "affected",
"version": "3.7.1 Update 02"
},
{
"status": "affected",
"version": "3.7.1 Update 05"
},
{
"status": "affected",
"version": "3.9.0 Update 01"
},
{
"status": "affected",
"version": "3.3.0 Update 01"
},
{
"status": "affected",
"version": "3.4.1 Update 02"
},
{
"status": "affected",
"version": "3.4.1 Update 01"
},
{
"status": "affected",
"version": "3.5.0 Update 03"
},
{
"status": "affected",
"version": "3.5.0 Update 01"
},
{
"status": "affected",
"version": "3.5.0 Update 02"
},
{
"status": "affected",
"version": "3.10.4"
},
{
"status": "affected",
"version": "3.10.4 Update 01"
},
{
"status": "affected",
"version": "3.10.4 Update 02"
},
{
"status": "affected",
"version": "3.10.4 Update 03"
},
{
"status": "affected",
"version": "3.10.5"
},
{
"status": "affected",
"version": "3.10.6"
},
{
"status": "affected",
"version": "3.10.6 Update 01"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against users of the interface of an affected system.\r\n\r\nThis vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious code into specific data fields in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, an attacker must have valid administrative credentials."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "Use of Hard-coded Credentials",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-04T16:11:56.571Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-pi-xss-bYeVKCD",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-pi-xss-bYeVKCD"
}
],
"source": {
"advisory": "cisco-sa-pi-xss-bYeVKCD",
"defects": [
"CSCwo96708"
],
"discovery": "INTERNAL"
},
"title": "Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20111",
"datePublished": "2026-02-04T16:11:56.571Z",
"dateReserved": "2025-10-08T11:59:15.374Z",
"dateUpdated": "2026-02-04T16:41:39.389Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20123 (GCVE-0-2026-20123)
Vulnerability from cvelistv5 – Published: 2026-02-04 16:11 – Updated: 2026-02-04 16:40
VLAI?
Title
Cisco Prime Infrastructure and Evolved Programmable Network Manager Open Redirect Vulnerability
Summary
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.
This vulnerability is due to improper input validation of the parameters in the HTTP request. An attacker could exploit this vulnerability by intercepting and modifying an HTTP request from a user. A successful exploit could allow the attacker to redirect the user to a malicious web page.
Severity ?
4.3 (Medium)
CWE
- CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Evolved Programmable Network Manager (EPNM) |
Affected:
7.1.1
Affected: 7.1.2.1 Affected: 7.1.3 Affected: 7.1.2 Affected: 7.1.0 Affected: 8.0.0 Affected: 8.0.0.1 Affected: 7.1.3.1 Affected: 7.1.4 Affected: 8.1.0 Affected: 8.0.1 Affected: 7.1.4.1 Affected: 8.0.1.1 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20123",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-04T16:40:37.285394Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-04T16:40:42.923Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Evolved Programmable Network Manager (EPNM)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "7.1.1"
},
{
"status": "affected",
"version": "7.1.2.1"
},
{
"status": "affected",
"version": "7.1.3"
},
{
"status": "affected",
"version": "7.1.2"
},
{
"status": "affected",
"version": "7.1.0"
},
{
"status": "affected",
"version": "8.0.0"
},
{
"status": "affected",
"version": "8.0.0.1"
},
{
"status": "affected",
"version": "7.1.3.1"
},
{
"status": "affected",
"version": "7.1.4"
},
{
"status": "affected",
"version": "8.1.0"
},
{
"status": "affected",
"version": "8.0.1"
},
{
"status": "affected",
"version": "7.1.4.1"
},
{
"status": "affected",
"version": "8.0.1.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Prime Infrastructure",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.10.0"
},
{
"status": "affected",
"version": "3.10.2"
},
{
"status": "affected",
"version": "3.10.3"
},
{
"status": "affected",
"version": "3.10"
},
{
"status": "affected",
"version": "3.10.1"
},
{
"status": "affected",
"version": "3.10 Update 01"
},
{
"status": "affected",
"version": "3.10.4"
},
{
"status": "affected",
"version": "3.10.4 Update 01"
},
{
"status": "affected",
"version": "3.10.4 Update 02"
},
{
"status": "affected",
"version": "3.10.4 Update 03"
},
{
"status": "affected",
"version": "3.10.5"
},
{
"status": "affected",
"version": "3.10.6"
},
{
"status": "affected",
"version": "3.10.6 Update 01"
},
{
"status": "affected",
"version": "3.10.6 Security Update 03"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.\r\n\r\nThis vulnerability is due to improper input validation of the parameters in the HTTP request. An attacker could exploit this vulnerability by intercepting and modifying an HTTP request from a user. A successful exploit could allow the attacker to redirect the user to a malicious web page."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-04T16:11:56.495Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-epnm-pi-redirect-6sX82dN",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnm-pi-redirect-6sX82dN"
}
],
"source": {
"advisory": "cisco-sa-epnm-pi-redirect-6sX82dN",
"defects": [
"CSCwo86413"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Prime Infrastructure and Evolved Programmable Network Manager Open Redirect Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20123",
"datePublished": "2026-02-04T16:11:56.495Z",
"dateReserved": "2025-10-08T11:59:15.377Z",
"dateUpdated": "2026-02-04T16:40:42.923Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20098 (GCVE-0-2026-20098)
Vulnerability from cvelistv5 – Published: 2026-02-04 16:11 – Updated: 2026-02-05 04:55
VLAI?
Title
Cisco Meeting Management Arbitrary File Upload Vulnerability
Summary
A vulnerability in the Certificate Management feature of Cisco Meeting Management could allow an authenticated, remote attacker to upload arbitrary files, execute arbitrary commands, and elevate privileges to root on an affected system.
This vulnerability is due to improper input validation in certain sections of the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected system. A successful exploit could allow the attacker to upload arbitrary files to the affected system. The malicious files could overwrite system files that are processed by the root system account and allow arbitrary command execution with root privileges. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of video operator.
Severity ?
8.8 (High)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Meeting Management |
Affected:
CMM3.4.0
Affected: CMM3.2.0 Affected: CMM2.9.1 Affected: CMM2.9.0 Affected: CMM3.1.0 Affected: CMM3.5.0 Affected: CMM3.6.0 Affected: CMM3.6.1 Affected: CMM3.7.0 Affected: CMM3.8.0 Affected: CMM3.9.0 Affected: CMM3.10.0 Affected: CMM3.9.1 Affected: CMM3.11.0 Affected: CMM3.12.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20098",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-04T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-05T04:55:17.029Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Meeting Management",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "CMM3.4.0"
},
{
"status": "affected",
"version": "CMM3.2.0"
},
{
"status": "affected",
"version": "CMM2.9.1"
},
{
"status": "affected",
"version": "CMM2.9.0"
},
{
"status": "affected",
"version": "CMM3.1.0"
},
{
"status": "affected",
"version": "CMM3.5.0"
},
{
"status": "affected",
"version": "CMM3.6.0"
},
{
"status": "affected",
"version": "CMM3.6.1"
},
{
"status": "affected",
"version": "CMM3.7.0"
},
{
"status": "affected",
"version": "CMM3.8.0"
},
{
"status": "affected",
"version": "CMM3.9.0"
},
{
"status": "affected",
"version": "CMM3.10.0"
},
{
"status": "affected",
"version": "CMM3.9.1"
},
{
"status": "affected",
"version": "CMM3.11.0"
},
{
"status": "affected",
"version": "CMM3.12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Certificate Management feature of Cisco Meeting Management could allow an authenticated, remote attacker to upload arbitrary files, execute arbitrary commands, and elevate privileges to root on an affected system.\r\n\r\nThis vulnerability is due to improper input validation in certain sections of the web-based management interface. An attacker could exploit this vulnerability\u0026nbsp;by sending a crafted HTTP request to an affected system. A successful exploit could allow the attacker to upload arbitrary files to the affected system. The malicious files could overwrite system files that are processed by the\u0026nbsp;root system account and allow arbitrary command execution with\u0026nbsp;root privileges. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of video operator."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-04T16:11:48.298Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cmm-file-up-kY47n8kK",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cmm-file-up-kY47n8kK"
}
],
"source": {
"advisory": "cisco-sa-cmm-file-up-kY47n8kK",
"defects": [
"CSCwr97339"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Meeting Management Arbitrary File Upload Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20098",
"datePublished": "2026-02-04T16:11:48.298Z",
"dateReserved": "2025-10-08T11:59:15.369Z",
"dateUpdated": "2026-02-05T04:55:17.029Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20056 (GCVE-0-2026-20056)
Vulnerability from cvelistv5 – Published: 2026-02-04 16:11 – Updated: 2026-02-04 16:40
VLAI?
Title
Cisco Secure Web Appliance TBD Bypass Vulnerability
Summary
A vulnerability in the Dynamic Vectoring and Streaming (DVS) Engine implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass the anti-malware scanner, allowing malicious archive files to be downloaded.
This vulnerability is due to improper handling of certain archive files. An attacker could exploit this vulnerability by sending a crafted archive file, which should be blocked, through an affected device. A successful exploit could allow the attacker to bypass the anti-malware scanner and download malware onto an end user workstation. The downloaded malware will not automatically execute unless the end user extracts and launches the malicious file.
Severity ?
4 (Medium)
CWE
- CWE-494 - Download of Code Without Integrity Check
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Secure Web Appliance |
Affected:
11.8.0-453
Affected: 12.5.3-002 Affected: 12.0.3-007 Affected: 12.0.3-005 Affected: 14.1.0-032 Affected: 14.1.0-047 Affected: 14.1.0-041 Affected: 12.0.4-002 Affected: 14.0.2-012 Affected: 11.8.0-414 Affected: 12.0.1-268 Affected: 11.8.1-023 Affected: 11.8.3-021 Affected: 11.8.3-018 Affected: 12.5.1-011 Affected: 11.8.4-004 Affected: 12.5.2-007 Affected: 12.5.2-011 Affected: 14.5.0-498 Affected: 12.5.4-005 Affected: 12.5.4-011 Affected: 12.0.5-011 Affected: 14.0.3-014 Affected: 12.5.5-004 Affected: 12.5.5-005 Affected: 12.5.5-008 Affected: 14.0.4-005 Affected: 14.5.1-008 Affected: 14.5.1-016 Affected: 15.0.0-355 Affected: 15.0.0-322 Affected: 12.5.6-008 Affected: 15.1.0-287 Affected: 14.5.2-011 Affected: 15.2.0-116 Affected: 14.0.5-007 Affected: 15.2.0-164 Affected: 14.5.1-510 Affected: 12.0.2-012 Affected: 12.0.2-004 Affected: 14.5.1-607 Affected: 14.5.3-033 Affected: 15.0.1-004 Affected: 15.2.1-011 Affected: 14.5.0-673 Affected: 14.5.0-537 Affected: 12.0.1-334 Affected: 14.0.1-503 Affected: 14.0.1-053 Affected: 11.8.0-429 Affected: 14.0.1-040 Affected: 14.0.1-014 Affected: 12.5.1-043 Affected: 15.2.2-009 Affected: 15.5.0-566 Affected: 15.2.3-007 Affected: 15.5.0-574 Affected: 15.5.0-710 Affected: 15.2.4-022 Affected: 15.5.1-002 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20056",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-04T16:40:05.362057Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-04T16:40:11.391Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Secure Web Appliance",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "11.8.0-453"
},
{
"status": "affected",
"version": "12.5.3-002"
},
{
"status": "affected",
"version": "12.0.3-007"
},
{
"status": "affected",
"version": "12.0.3-005"
},
{
"status": "affected",
"version": "14.1.0-032"
},
{
"status": "affected",
"version": "14.1.0-047"
},
{
"status": "affected",
"version": "14.1.0-041"
},
{
"status": "affected",
"version": "12.0.4-002"
},
{
"status": "affected",
"version": "14.0.2-012"
},
{
"status": "affected",
"version": "11.8.0-414"
},
{
"status": "affected",
"version": "12.0.1-268"
},
{
"status": "affected",
"version": "11.8.1-023"
},
{
"status": "affected",
"version": "11.8.3-021"
},
{
"status": "affected",
"version": "11.8.3-018"
},
{
"status": "affected",
"version": "12.5.1-011"
},
{
"status": "affected",
"version": "11.8.4-004"
},
{
"status": "affected",
"version": "12.5.2-007"
},
{
"status": "affected",
"version": "12.5.2-011"
},
{
"status": "affected",
"version": "14.5.0-498"
},
{
"status": "affected",
"version": "12.5.4-005"
},
{
"status": "affected",
"version": "12.5.4-011"
},
{
"status": "affected",
"version": "12.0.5-011"
},
{
"status": "affected",
"version": "14.0.3-014"
},
{
"status": "affected",
"version": "12.5.5-004"
},
{
"status": "affected",
"version": "12.5.5-005"
},
{
"status": "affected",
"version": "12.5.5-008"
},
{
"status": "affected",
"version": "14.0.4-005"
},
{
"status": "affected",
"version": "14.5.1-008"
},
{
"status": "affected",
"version": "14.5.1-016"
},
{
"status": "affected",
"version": "15.0.0-355"
},
{
"status": "affected",
"version": "15.0.0-322"
},
{
"status": "affected",
"version": "12.5.6-008"
},
{
"status": "affected",
"version": "15.1.0-287"
},
{
"status": "affected",
"version": "14.5.2-011"
},
{
"status": "affected",
"version": "15.2.0-116"
},
{
"status": "affected",
"version": "14.0.5-007"
},
{
"status": "affected",
"version": "15.2.0-164"
},
{
"status": "affected",
"version": "14.5.1-510"
},
{
"status": "affected",
"version": "12.0.2-012"
},
{
"status": "affected",
"version": "12.0.2-004"
},
{
"status": "affected",
"version": "14.5.1-607"
},
{
"status": "affected",
"version": "14.5.3-033"
},
{
"status": "affected",
"version": "15.0.1-004"
},
{
"status": "affected",
"version": "15.2.1-011"
},
{
"status": "affected",
"version": "14.5.0-673"
},
{
"status": "affected",
"version": "14.5.0-537"
},
{
"status": "affected",
"version": "12.0.1-334"
},
{
"status": "affected",
"version": "14.0.1-503"
},
{
"status": "affected",
"version": "14.0.1-053"
},
{
"status": "affected",
"version": "11.8.0-429"
},
{
"status": "affected",
"version": "14.0.1-040"
},
{
"status": "affected",
"version": "14.0.1-014"
},
{
"status": "affected",
"version": "12.5.1-043"
},
{
"status": "affected",
"version": "15.2.2-009"
},
{
"status": "affected",
"version": "15.5.0-566"
},
{
"status": "affected",
"version": "15.2.3-007"
},
{
"status": "affected",
"version": "15.5.0-574"
},
{
"status": "affected",
"version": "15.5.0-710"
},
{
"status": "affected",
"version": "15.2.4-022"
},
{
"status": "affected",
"version": "15.5.1-002"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Dynamic Vectoring and Streaming (DVS) Engine implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass the anti-malware scanner, allowing malicious archive files to be downloaded.\r\n\r\nThis vulnerability is due to improper handling of certain archive files. An attacker could exploit this vulnerability by sending a crafted archive file, which should be blocked, through an affected device. A successful exploit could allow the attacker to bypass the anti-malware scanner and download malware onto an end user workstation. The downloaded malware will not automatically execute unless the end user extracts and launches the malicious file.\u0026nbsp;"
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-494",
"description": "Download of Code Without Integrity Check",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-04T16:11:48.273Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-wsa-archive-bypass-Scx2e8zF",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-archive-bypass-Scx2e8zF"
}
],
"source": {
"advisory": "cisco-sa-wsa-archive-bypass-Scx2e8zF",
"defects": [
"CSCwq69761"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Secure Web Appliance TBD Bypass Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20056",
"datePublished": "2026-02-04T16:11:48.273Z",
"dateReserved": "2025-10-08T11:59:15.356Z",
"dateUpdated": "2026-02-04T16:40:11.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20045 (GCVE-0-2026-20045)
Vulnerability from cvelistv5 – Published: 2026-01-21 16:26 – Updated: 2026-02-13 20:33
VLAI?
Title
Cisco Unified Communications Products Remote Code Execution Vulnerability
Summary
A vulnerability in Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), Cisco Unity Connection, and Cisco Webex Calling Dedicated Instance could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device.
This vulnerability is due to improper validation of user-supplied input in HTTP requests. An attacker could exploit this vulnerability by sending a sequence of crafted HTTP requests to the web-based management interface of an affected device. A successful exploit could allow the attacker to obtain user-level access to the underlying operating system and then elevate privileges to root.
Note: Cisco has assigned this security advisory a Security Impact Rating (SIR) of Critical rather than High as the score indicates. The reason is that exploitation of this vulnerability could result in an attacker elevating privileges to root.
Severity ?
8.2 (High)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Unified Communications Manager |
Affected:
12.5(1)SU2
Affected: 12.5(1)SU1 Affected: 12.5(1) Affected: 12.5(1)SU3 Affected: 12.5(1)SU4 Affected: 14 Affected: 12.5(1)SU5 Affected: 14SU1 Affected: 12.5(1)SU6 Affected: 14SU2 Affected: 12.5(1)SU7 Affected: 12.5(1)SU7a Affected: 14SU3 Affected: 12.5(1)SU8 Affected: 12.5(1)SU8a Affected: 15 Affected: 15SU1 Affected: 14SU4 Affected: 14SU4a Affected: 15SU1a Affected: 12.5(1)SU9 Affected: 15SU2 Affected: 15.0.1.13010-1 Affected: 15.0.1.13011-1 Affected: 15.0.1.13012-1 Affected: 15.0.1.13013-1 Affected: 15.0.1.13014-1 Affected: 15.0.1.13015-1 Affected: 15.0.1.13016-1 Affected: 15.0.1.13017-1 Affected: 15SU3a |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20045",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-21T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2026-01-21",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20045"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-22T04:55:43.320Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20045"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-21T00:00:00+00:00",
"value": "CVE-2026-20045 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Unified Communications Manager",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)SU4"
},
{
"status": "affected",
"version": "14"
},
{
"status": "affected",
"version": "12.5(1)SU5"
},
{
"status": "affected",
"version": "14SU1"
},
{
"status": "affected",
"version": "12.5(1)SU6"
},
{
"status": "affected",
"version": "14SU2"
},
{
"status": "affected",
"version": "12.5(1)SU7"
},
{
"status": "affected",
"version": "12.5(1)SU7a"
},
{
"status": "affected",
"version": "14SU3"
},
{
"status": "affected",
"version": "12.5(1)SU8"
},
{
"status": "affected",
"version": "12.5(1)SU8a"
},
{
"status": "affected",
"version": "15"
},
{
"status": "affected",
"version": "15SU1"
},
{
"status": "affected",
"version": "14SU4"
},
{
"status": "affected",
"version": "14SU4a"
},
{
"status": "affected",
"version": "15SU1a"
},
{
"status": "affected",
"version": "12.5(1)SU9"
},
{
"status": "affected",
"version": "15SU2"
},
{
"status": "affected",
"version": "15.0.1.13010-1"
},
{
"status": "affected",
"version": "15.0.1.13011-1"
},
{
"status": "affected",
"version": "15.0.1.13012-1"
},
{
"status": "affected",
"version": "15.0.1.13013-1"
},
{
"status": "affected",
"version": "15.0.1.13014-1"
},
{
"status": "affected",
"version": "15.0.1.13015-1"
},
{
"status": "affected",
"version": "15.0.1.13016-1"
},
{
"status": "affected",
"version": "15.0.1.13017-1"
},
{
"status": "affected",
"version": "15SU3a"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Communications Manager IM and Presence Service",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)SU4"
},
{
"status": "affected",
"version": "14"
},
{
"status": "affected",
"version": "12.5(1)SU5"
},
{
"status": "affected",
"version": "14SU1"
},
{
"status": "affected",
"version": "12.5(1)SU6"
},
{
"status": "affected",
"version": "14SU2"
},
{
"status": "affected",
"version": "14SU2a"
},
{
"status": "affected",
"version": "12.5(1)SU7"
},
{
"status": "affected",
"version": "14SU3"
},
{
"status": "affected",
"version": "12.5(1)SU8"
},
{
"status": "affected",
"version": "15"
},
{
"status": "affected",
"version": "15SU1"
},
{
"status": "affected",
"version": "14SU4"
},
{
"status": "affected",
"version": "12.5(1)SU9"
},
{
"status": "affected",
"version": "15SU2"
},
{
"status": "affected",
"version": "15SU3"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unity Connection",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)SU4"
},
{
"status": "affected",
"version": "14"
},
{
"status": "affected",
"version": "12.5(1)SU5"
},
{
"status": "affected",
"version": "14SU1"
},
{
"status": "affected",
"version": "12.5(1)SU6"
},
{
"status": "affected",
"version": "14SU2"
},
{
"status": "affected",
"version": "12.5(1)SU7"
},
{
"status": "affected",
"version": "14SU3"
},
{
"status": "affected",
"version": "12.5(1)SU8"
},
{
"status": "affected",
"version": "14SU3a"
},
{
"status": "affected",
"version": "12.5(1)SU8a"
},
{
"status": "affected",
"version": "15"
},
{
"status": "affected",
"version": "15SU1"
},
{
"status": "affected",
"version": "14SU4"
},
{
"status": "affected",
"version": "12.5(1)SU9"
},
{
"status": "affected",
"version": "15SU2"
},
{
"status": "affected",
"version": "15SU3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), Cisco Unified Communications Manager IM \u0026amp; Presence Service (Unified CM IM\u0026amp;P), Cisco Unity Connection, and Cisco Webex Calling Dedicated Instance could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device.\u0026nbsp;\r\n\r\nThis vulnerability is due to improper validation of user-supplied input in HTTP requests. An attacker could exploit this vulnerability by sending a sequence of crafted HTTP requests to the web-based management interface of an affected device. A successful exploit could allow the attacker to obtain user-level access to the underlying operating system and then elevate privileges to root.\u0026nbsp;\r\nNote: Cisco has assigned this security advisory a Security Impact Rating (SIR) of Critical rather than High as the score indicates. The reason is that exploitation of this vulnerability could result in an attacker elevating privileges to root."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is aware of attempted exploitation of this vulnerability in the wild. Cisco strongly recommends that customers upgrade to a fixed software release to remediate this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-13T20:33:31.808Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-voice-rce-mORhqY4b",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-voice-rce-mORhqY4b"
}
],
"source": {
"advisory": "cisco-sa-voice-rce-mORhqY4b",
"defects": [
"CSCwr21851"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Unified Communications Products Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20045",
"datePublished": "2026-01-21T16:26:20.312Z",
"dateReserved": "2025-10-08T11:59:15.354Z",
"dateUpdated": "2026-02-13T20:33:31.808Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20109 (GCVE-0-2026-20109)
Vulnerability from cvelistv5 – Published: 2026-01-21 16:26 – Updated: 2026-01-21 16:46
VLAI?
Title
Cisco Packaged Contact Center Enterprise and Cisco Unified Contact Center Enterprise Cross-Site Scripting Vulnerability
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Packaged Contact Center Enterprise (Packaged CCE) and Cisco Unified Contact Center Enterprise (Unified CCE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.
These vulnerabilities exist because the web-based management interface does not properly validate user-supplied input. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have valid administrative credentials.
Severity ?
4.8 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Packaged Contact Center Enterprise |
Affected:
12.5(1)
Affected: 11.0(1) Affected: 12.0(1) Affected: 11.0(2) Affected: 11.5(1) Affected: 10.5(1) Affected: 10.5(2) Affected: 11.6(2) Affected: 10.5(1)_ES7 Affected: 11.6(1) Affected: 10.5(2)_ES8 Affected: 12.6(1) Affected: 12.5(2) Affected: 12.6(2) Affected: 15.0(1) |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20109",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-21T16:45:34.998195Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-21T16:46:11.154Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Packaged Contact Center Enterprise",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "11.0(2)"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "10.5(2)"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "10.5(1)_ES7"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.5(2)_ES8"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.5(2)"
},
{
"status": "affected",
"version": "12.6(2)"
},
{
"status": "affected",
"version": "15.0(1)"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Enterprise",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.6(1)ES3"
},
{
"status": "affected",
"version": "12.6(1)ES1"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.6(1)ES2"
},
{
"status": "affected",
"version": "12.6(1)SecurityPatch"
},
{
"status": "affected",
"version": "12.5(1)ES1"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.6(1)ES4"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "10.5"
},
{
"status": "affected",
"version": "11.0"
},
{
"status": "affected",
"version": "11.5"
},
{
"status": "affected",
"version": "12.6(2)"
},
{
"status": "affected",
"version": "12.6(2)ES1"
},
{
"status": "affected",
"version": "12.6(2)ES2"
},
{
"status": "affected",
"version": "15.0(1)"
},
{
"status": "affected",
"version": "12.6(2)ES3"
},
{
"status": "affected",
"version": "15.0(1)ET01"
},
{
"status": "affected",
"version": "15.0(1)_SP1"
},
{
"status": "affected",
"version": "15.0(1)ES202508"
},
{
"status": "affected",
"version": "12.6(2)_ES"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the web-based management interface of Cisco Packaged Contact Center Enterprise (Packaged CCE) and Cisco Unified Contact Center Enterprise (Unified CCE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.\u0026nbsp;\r\n\r\nThese vulnerabilities exist because the web-based management interface does not properly validate user-supplied input. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have valid administrative credentials."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-21T16:26:19.268Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ucce-pcce-xss-2JVyg3uD",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucce-pcce-xss-2JVyg3uD"
}
],
"source": {
"advisory": "cisco-sa-ucce-pcce-xss-2JVyg3uD",
"defects": [
"CSCwr61043"
],
"discovery": "INTERNAL"
},
"title": "Cisco Packaged Contact Center Enterprise and Cisco Unified Contact Center Enterprise Cross-Site Scripting Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20109",
"datePublished": "2026-01-21T16:26:19.268Z",
"dateReserved": "2025-10-08T11:59:15.374Z",
"dateUpdated": "2026-01-21T16:46:11.154Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20080 (GCVE-0-2026-20080)
Vulnerability from cvelistv5 – Published: 2026-01-21 16:26 – Updated: 2026-01-21 16:47
VLAI?
Title
Cisco IEC6400 Edge Compute Appliance SSH Denial of Service Vulnerability
Summary
A vulnerability in the SSH service of Cisco IEC6400 Wireless Backhaul Edge Compute Software could allow an unauthenticated, remote attacker to cause the SSH service to stop responding.
This vulnerability exists because the SSH service lacks effective flood protection. An attacker could exploit this vulnerability by initiating a denial of service (DoS) attack against the SSH port. A successful exploit could allow the attacker to cause the SSH service to be unresponsive during the period of the DoS attack. All other operations remain stable during the attack.
Severity ?
5.3 (Medium)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Ultra-Reliable Wireless Backhaul |
Affected:
1.0.0
Affected: 1.1.0 Affected: 1.0.2 Affected: 1.0.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20080",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-21T16:47:12.943836Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-21T16:47:39.610Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Ultra-Reliable Wireless Backhaul",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "1.0.0"
},
{
"status": "affected",
"version": "1.1.0"
},
{
"status": "affected",
"version": "1.0.2"
},
{
"status": "affected",
"version": "1.0.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the SSH service of Cisco IEC6400 Wireless Backhaul Edge Compute Software could allow an unauthenticated, remote attacker to cause the SSH service to stop responding.\r\n\r\nThis vulnerability exists because the SSH service lacks effective flood protection. An attacker could exploit this vulnerability by initiating a denial of service (DoS) attack against the SSH port. A successful exploit could allow the attacker to cause the SSH service to be unresponsive during the period of the DoS attack. All other operations remain stable during the attack."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "Uncontrolled Resource Consumption",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-21T16:26:06.467Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-iec6400-Pem5uQ7v",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iec6400-Pem5uQ7v"
}
],
"source": {
"advisory": "cisco-sa-iec6400-Pem5uQ7v",
"defects": [
"CSCws02393"
],
"discovery": "INTERNAL"
},
"title": "Cisco IEC6400 Edge Compute Appliance SSH Denial of Service Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20080",
"datePublished": "2026-01-21T16:26:06.467Z",
"dateReserved": "2025-10-08T11:59:15.363Z",
"dateUpdated": "2026-01-21T16:47:39.610Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20055 (GCVE-0-2026-20055)
Vulnerability from cvelistv5 – Published: 2026-01-21 16:26 – Updated: 2026-01-21 16:50
VLAI?
Title
Cisco Packaged Contact Center Enterprise & Cisco Unified Contact Center Enterprise Cross-Site Scripting Vulnerability
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Packaged Contact Center Enterprise (Packaged CCE) and Cisco Unified Contact Center Enterprise (Unified CCE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.
These vulnerabilities exist because the web-based management interface does not properly validate user-supplied input. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have valid administrative credentials.
Severity ?
4.8 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Packaged Contact Center Enterprise |
Affected:
12.5(1)
Affected: 11.0(1) Affected: 12.0(1) Affected: 11.0(2) Affected: 11.5(1) Affected: 10.5(1) Affected: 10.5(2) Affected: 11.6(2) Affected: 10.5(1)_ES7 Affected: 11.6(1) Affected: 10.5(2)_ES8 Affected: 12.6(1) Affected: 12.5(2) Affected: 12.6(2) Affected: 15.0(1) |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20055",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-21T16:49:34.459898Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-21T16:50:04.517Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Packaged Contact Center Enterprise",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "11.0(2)"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "10.5(2)"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "10.5(1)_ES7"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.5(2)_ES8"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.5(2)"
},
{
"status": "affected",
"version": "12.6(2)"
},
{
"status": "affected",
"version": "15.0(1)"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Enterprise",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.6(1)ES3"
},
{
"status": "affected",
"version": "12.6(1)ES1"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.6(1)ES2"
},
{
"status": "affected",
"version": "12.6(1)SecurityPatch"
},
{
"status": "affected",
"version": "12.5(1)ES1"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.6(1)ES4"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "10.5"
},
{
"status": "affected",
"version": "11.0"
},
{
"status": "affected",
"version": "11.5"
},
{
"status": "affected",
"version": "12.6(2)"
},
{
"status": "affected",
"version": "12.6(2)ES1"
},
{
"status": "affected",
"version": "12.6(2)ES2"
},
{
"status": "affected",
"version": "15.0(1)"
},
{
"status": "affected",
"version": "12.6(2)ES3"
},
{
"status": "affected",
"version": "15.0(1)ET01"
},
{
"status": "affected",
"version": "15.0(1)_SP1"
},
{
"status": "affected",
"version": "15.0(1)ES202508"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the web-based management interface of Cisco Packaged Contact Center Enterprise (Packaged CCE) and Cisco Unified Contact Center Enterprise (Unified CCE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.\u0026nbsp;\r\n\r\nThese vulnerabilities exist because the web-based management interface does not properly validate user-supplied input. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have valid administrative credentials."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-21T16:26:05.871Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ucce-pcce-xss-2JVyg3uD",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucce-pcce-xss-2JVyg3uD"
}
],
"source": {
"advisory": "cisco-sa-ucce-pcce-xss-2JVyg3uD",
"defects": [
"CSCwp27481"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Packaged Contact Center Enterprise \u0026 Cisco Unified Contact Center Enterprise Cross-Site Scripting Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20055",
"datePublished": "2026-01-21T16:26:05.871Z",
"dateReserved": "2025-10-08T11:59:15.355Z",
"dateUpdated": "2026-01-21T16:50:04.517Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20092 (GCVE-0-2026-20092)
Vulnerability from cvelistv5 – Published: 2026-01-21 16:26 – Updated: 2026-01-22 04:55
VLAI?
Title
Cisco Intersight Virtual Appliance Privilege Escalation Vulnerability
Summary
A vulnerability in the read-only maintenance shell of Cisco Intersight Virtual Appliance could allow an authenticated, local attacker with administrative privileges to elevate privileges to root on the virtual appliance.
This vulnerability is due to improper file permissions on configuration files for system accounts within the maintenance shell of the virtual appliance. An attacker could exploit this vulnerability by accessing the maintenance shell as a read-only administrator and manipulating system files to grant root privileges. A successful exploit could allow the attacker to elevate their privileges to root on the virtual appliance and gain full control of the appliance, giving them the ability to access sensitive information, modify workloads and configurations on the host system, and cause a denial of service (DoS).
Severity ?
6 (Medium)
CWE
- CWE-732 - Incorrect Permission Assignment for Critical Resource
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Intersight Virtual Appliance |
Affected:
1.1.4-0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20092",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-21T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-22T04:55:44.456Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Intersight Virtual Appliance",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "1.1.4-0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the read-only maintenance shell of Cisco Intersight Virtual Appliance could allow an authenticated, local attacker with administrative privileges to elevate privileges to root on the virtual appliance.\r\n\r\nThis vulnerability is due to improper file permissions on configuration files for system accounts within the maintenance shell of the virtual appliance. An attacker could exploit this vulnerability by accessing the maintenance shell as a read-only administrator and manipulating system files to grant root privileges. A successful exploit could allow the attacker to elevate their privileges to\u0026nbsp;root on the virtual appliance and gain full control of the appliance, giving them the ability to access sensitive information, modify workloads and configurations on the host system, and cause a denial of service (DoS)."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-732",
"description": "Incorrect Permission Assignment for Critical Resource",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-21T16:26:05.298Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-intersight-privesc-p6tBm6jk",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-intersight-privesc-p6tBm6jk"
}
],
"source": {
"advisory": "cisco-sa-intersight-privesc-p6tBm6jk",
"defects": [
"CSCwr55647"
],
"discovery": "INTERNAL"
},
"title": "Cisco Intersight Virtual Appliance Privilege Escalation Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20092",
"datePublished": "2026-01-21T16:26:05.298Z",
"dateReserved": "2025-10-08T11:59:15.368Z",
"dateUpdated": "2026-01-22T04:55:44.456Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20047 (GCVE-0-2026-20047)
Vulnerability from cvelistv5 – Published: 2026-01-15 16:32 – Updated: 2026-01-16 04:55
VLAI?
Title
Cisco Identity Services Engine Cross-Site Scripting Vulnerability
Summary
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface.
This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid administrative credentials.
Severity ?
4.8 (Medium)
CWE
- CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Identity Services Engine Software |
Affected:
3.1.0
Affected: 3.1.0 p1 Affected: 3.1.0 p3 Affected: 3.1.0 p2 Affected: 3.2.0 Affected: 3.1.0 p4 Affected: 3.1.0 p5 Affected: 3.2.0 p1 Affected: 3.1.0 p6 Affected: 3.2.0 p2 Affected: 3.1.0 p7 Affected: 3.3.0 Affected: 3.2.0 p3 Affected: 3.2.0 p4 Affected: 3.1.0 p8 Affected: 3.2.0 p5 Affected: 3.2.0 p6 Affected: 3.1.0 p9 Affected: 3.3 Patch 2 Affected: 3.3 Patch 1 Affected: 3.3 Patch 3 Affected: 3.4.0 Affected: 3.2.0 p7 Affected: 3.3 Patch 4 Affected: 3.4 Patch 1 Affected: 3.1.0 p10 Affected: 3.3 Patch 5 Affected: 3.3 Patch 6 Affected: 3.4 Patch 2 Affected: 3.3 Patch 7 Affected: 3.4 Patch 3 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20047",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-15T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-16T04:55:52.838Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Identity Services Engine Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.0 p1"
},
{
"status": "affected",
"version": "3.1.0 p3"
},
{
"status": "affected",
"version": "3.1.0 p2"
},
{
"status": "affected",
"version": "3.2.0"
},
{
"status": "affected",
"version": "3.1.0 p4"
},
{
"status": "affected",
"version": "3.1.0 p5"
},
{
"status": "affected",
"version": "3.2.0 p1"
},
{
"status": "affected",
"version": "3.1.0 p6"
},
{
"status": "affected",
"version": "3.2.0 p2"
},
{
"status": "affected",
"version": "3.1.0 p7"
},
{
"status": "affected",
"version": "3.3.0"
},
{
"status": "affected",
"version": "3.2.0 p3"
},
{
"status": "affected",
"version": "3.2.0 p4"
},
{
"status": "affected",
"version": "3.1.0 p8"
},
{
"status": "affected",
"version": "3.2.0 p5"
},
{
"status": "affected",
"version": "3.2.0 p6"
},
{
"status": "affected",
"version": "3.1.0 p9"
},
{
"status": "affected",
"version": "3.3 Patch 2"
},
{
"status": "affected",
"version": "3.3 Patch 1"
},
{
"status": "affected",
"version": "3.3 Patch 3"
},
{
"status": "affected",
"version": "3.4.0"
},
{
"status": "affected",
"version": "3.2.0 p7"
},
{
"status": "affected",
"version": "3.3 Patch 4"
},
{
"status": "affected",
"version": "3.4 Patch 1"
},
{
"status": "affected",
"version": "3.1.0 p10"
},
{
"status": "affected",
"version": "3.3 Patch 5"
},
{
"status": "affected",
"version": "3.3 Patch 6"
},
{
"status": "affected",
"version": "3.4 Patch 2"
},
{
"status": "affected",
"version": "3.3 Patch 7"
},
{
"status": "affected",
"version": "3.4 Patch 3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid administrative credentials."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-80",
"description": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-15T16:32:15.578Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ise-xss-964cdxW5",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-xss-964cdxW5"
}
],
"source": {
"advisory": "cisco-sa-ise-xss-964cdxW5",
"defects": [
"CSCwq83752"
],
"discovery": "INTERNAL"
},
"title": "Cisco Identity Services Engine Cross-Site Scripting Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20047",
"datePublished": "2026-01-15T16:32:15.578Z",
"dateReserved": "2025-10-08T11:59:15.355Z",
"dateUpdated": "2026-01-16T04:55:52.838Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20075 (GCVE-0-2026-20075)
Vulnerability from cvelistv5 – Published: 2026-01-15 16:32 – Updated: 2026-01-15 18:11
VLAI?
Title
Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability
Summary
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against users of the interface of an affected system.
This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious code into specific data fields in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, an attacker must have valid administrative credentials.
Severity ?
4.8 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Evolved Programmable Network Manager (EPNM) |
Affected:
3.0.1
Affected: 3.1.2 Affected: 1.2 Affected: 3.1.1 Affected: 3.1.3 Affected: 3.1 Affected: 3.0.3 Affected: 3.0.2 Affected: 3.0 Affected: 2.2 Affected: 1.1 Affected: 2.1 Affected: 2.0 Affected: 4.1 Affected: 4.1.1 Affected: 4.0.3 Affected: 4.0.1 Affected: 4.0.2 Affected: 4.0 Affected: 5.0 Affected: 5.0.1 Affected: 5.1.1 Affected: 5.1 Affected: 5.0.2 Affected: 5.1.2 Affected: 5.1.3 Affected: 5.1.4 Affected: 6.1.1 Affected: 6.1 Affected: 6.0.0 Affected: 6.0.1 Affected: 6.0.2 Affected: 7.0.0 Affected: 1.2.5 Affected: 1.2.6 Affected: 2.0.1 Affected: 1.2.2 Affected: 1.2.3 Affected: 1.2.4 Affected: 1.2.7 Affected: 1.2.1.2 Affected: 2.2.1 Affected: 2.1.3 Affected: 2.0.2 Affected: 2.0.3 Affected: 2.1.2 Affected: 2.0.4 Affected: 2.1.1 Affected: 5.0.2.5 Affected: 5.1.4.3 Affected: 6.0.2.1 Affected: 6.1.1.1 Affected: 5.0.2.1 Affected: 5.0.2.2 Affected: 5.0.2.3 Affected: 5.0.2.4 Affected: 5.1.4.1 Affected: 5.1.4.2 Affected: 2.1.4 Affected: 2.2.4 Affected: 2.2.3 Affected: 2.2.5 Affected: 5.1.3.2 Affected: 5.1.3.1 Affected: 6.0.1.1 Affected: 4.1.1.2 Affected: 4.1.1.1 Affected: 4.0.3.1 Affected: 2.0.1.1 Affected: 2.1.1.3 Affected: 2.1.1.1 Affected: 2.1.1.4 Affected: 2.0.4.2 Affected: 2.0.4.1 Affected: 2.1.2.2 Affected: 2.1.2.3 Affected: 2.0.2.1 Affected: 2.1.3.4 Affected: 2.1.3.3 Affected: 2.1.3.2 Affected: 2.1.3.5 Affected: 2.2.1.2 Affected: 2.2.1.1 Affected: 2.2.1.4 Affected: 2.2.1.3 Affected: 1.2.4.2 Affected: 1.2.2.4 Affected: 6.0.3 Affected: 5.1.4.4 Affected: 5.0.2.6 Affected: 6.0.3.1 Affected: 6.1.2 Affected: 6.1.1.2.2 Affected: 6.1.2.1 Affected: 6.1.2.2 Affected: 7.1.1 Affected: 7.1.2.1 Affected: 7.0.1.3 Affected: 7.1.3 Affected: 7.1.2 Affected: 7.0.1.2 Affected: 7.0.1.1 Affected: 7.0.1 Affected: 7.1.0 Affected: 8.0.0 Affected: 6.1.2.3 Affected: 8.0.0.1 Affected: 7.1.3.1 Affected: 7.1.4 Affected: 8.1.0 Affected: 8.1.1 Affected: 8.0.1 Affected: 8.0.1.1 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20075",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-15T18:11:47.229568Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-15T18:11:54.678Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Evolved Programmable Network Manager (EPNM)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "1.2"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "3.1"
},
{
"status": "affected",
"version": "3.0.3"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.0"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "1.1"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.0"
},
{
"status": "affected",
"version": "4.1"
},
{
"status": "affected",
"version": "4.1.1"
},
{
"status": "affected",
"version": "4.0.3"
},
{
"status": "affected",
"version": "4.0.1"
},
{
"status": "affected",
"version": "4.0.2"
},
{
"status": "affected",
"version": "4.0"
},
{
"status": "affected",
"version": "5.0"
},
{
"status": "affected",
"version": "5.0.1"
},
{
"status": "affected",
"version": "5.1.1"
},
{
"status": "affected",
"version": "5.1"
},
{
"status": "affected",
"version": "5.0.2"
},
{
"status": "affected",
"version": "5.1.2"
},
{
"status": "affected",
"version": "5.1.3"
},
{
"status": "affected",
"version": "5.1.4"
},
{
"status": "affected",
"version": "6.1.1"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.0.0"
},
{
"status": "affected",
"version": "6.0.1"
},
{
"status": "affected",
"version": "6.0.2"
},
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "1.2.5"
},
{
"status": "affected",
"version": "1.2.6"
},
{
"status": "affected",
"version": "2.0.1"
},
{
"status": "affected",
"version": "1.2.2"
},
{
"status": "affected",
"version": "1.2.3"
},
{
"status": "affected",
"version": "1.2.4"
},
{
"status": "affected",
"version": "1.2.7"
},
{
"status": "affected",
"version": "1.2.1.2"
},
{
"status": "affected",
"version": "2.2.1"
},
{
"status": "affected",
"version": "2.1.3"
},
{
"status": "affected",
"version": "2.0.2"
},
{
"status": "affected",
"version": "2.0.3"
},
{
"status": "affected",
"version": "2.1.2"
},
{
"status": "affected",
"version": "2.0.4"
},
{
"status": "affected",
"version": "2.1.1"
},
{
"status": "affected",
"version": "5.0.2.5"
},
{
"status": "affected",
"version": "5.1.4.3"
},
{
"status": "affected",
"version": "6.0.2.1"
},
{
"status": "affected",
"version": "6.1.1.1"
},
{
"status": "affected",
"version": "5.0.2.1"
},
{
"status": "affected",
"version": "5.0.2.2"
},
{
"status": "affected",
"version": "5.0.2.3"
},
{
"status": "affected",
"version": "5.0.2.4"
},
{
"status": "affected",
"version": "5.1.4.1"
},
{
"status": "affected",
"version": "5.1.4.2"
},
{
"status": "affected",
"version": "2.1.4"
},
{
"status": "affected",
"version": "2.2.4"
},
{
"status": "affected",
"version": "2.2.3"
},
{
"status": "affected",
"version": "2.2.5"
},
{
"status": "affected",
"version": "5.1.3.2"
},
{
"status": "affected",
"version": "5.1.3.1"
},
{
"status": "affected",
"version": "6.0.1.1"
},
{
"status": "affected",
"version": "4.1.1.2"
},
{
"status": "affected",
"version": "4.1.1.1"
},
{
"status": "affected",
"version": "4.0.3.1"
},
{
"status": "affected",
"version": "2.0.1.1"
},
{
"status": "affected",
"version": "2.1.1.3"
},
{
"status": "affected",
"version": "2.1.1.1"
},
{
"status": "affected",
"version": "2.1.1.4"
},
{
"status": "affected",
"version": "2.0.4.2"
},
{
"status": "affected",
"version": "2.0.4.1"
},
{
"status": "affected",
"version": "2.1.2.2"
},
{
"status": "affected",
"version": "2.1.2.3"
},
{
"status": "affected",
"version": "2.0.2.1"
},
{
"status": "affected",
"version": "2.1.3.4"
},
{
"status": "affected",
"version": "2.1.3.3"
},
{
"status": "affected",
"version": "2.1.3.2"
},
{
"status": "affected",
"version": "2.1.3.5"
},
{
"status": "affected",
"version": "2.2.1.2"
},
{
"status": "affected",
"version": "2.2.1.1"
},
{
"status": "affected",
"version": "2.2.1.4"
},
{
"status": "affected",
"version": "2.2.1.3"
},
{
"status": "affected",
"version": "1.2.4.2"
},
{
"status": "affected",
"version": "1.2.2.4"
},
{
"status": "affected",
"version": "6.0.3"
},
{
"status": "affected",
"version": "5.1.4.4"
},
{
"status": "affected",
"version": "5.0.2.6"
},
{
"status": "affected",
"version": "6.0.3.1"
},
{
"status": "affected",
"version": "6.1.2"
},
{
"status": "affected",
"version": "6.1.1.2.2"
},
{
"status": "affected",
"version": "6.1.2.1"
},
{
"status": "affected",
"version": "6.1.2.2"
},
{
"status": "affected",
"version": "7.1.1"
},
{
"status": "affected",
"version": "7.1.2.1"
},
{
"status": "affected",
"version": "7.0.1.3"
},
{
"status": "affected",
"version": "7.1.3"
},
{
"status": "affected",
"version": "7.1.2"
},
{
"status": "affected",
"version": "7.0.1.2"
},
{
"status": "affected",
"version": "7.0.1.1"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "7.1.0"
},
{
"status": "affected",
"version": "8.0.0"
},
{
"status": "affected",
"version": "6.1.2.3"
},
{
"status": "affected",
"version": "8.0.0.1"
},
{
"status": "affected",
"version": "7.1.3.1"
},
{
"status": "affected",
"version": "7.1.4"
},
{
"status": "affected",
"version": "8.1.0"
},
{
"status": "affected",
"version": "8.1.1"
},
{
"status": "affected",
"version": "8.0.1"
},
{
"status": "affected",
"version": "8.0.1.1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Prime Infrastructure",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.5"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.0.0"
},
{
"status": "affected",
"version": "3.6.0"
},
{
"status": "affected",
"version": "3.7.0"
},
{
"status": "affected",
"version": "3.4.0"
},
{
"status": "affected",
"version": "3.3.0"
},
{
"status": "affected",
"version": "3.2"
},
{
"status": "affected",
"version": "3.5.0"
},
{
"status": "affected",
"version": "3.2.0-FIPS"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "3.8.0-FED"
},
{
"status": "affected",
"version": "3.9.0"
},
{
"status": "affected",
"version": "3.8.0"
},
{
"status": "affected",
"version": "3.10.0"
},
{
"status": "affected",
"version": "3.1.1"
},
{
"status": "affected",
"version": "2.1.2"
},
{
"status": "affected",
"version": "2.2.1"
},
{
"status": "affected",
"version": "2.2.0"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.0.3"
},
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "2.2.2"
},
{
"status": "affected",
"version": "2.2.3"
},
{
"status": "affected",
"version": "2.1.0"
},
{
"status": "affected",
"version": "2.1.1"
},
{
"status": "affected",
"version": "3.9.1"
},
{
"status": "affected",
"version": "2.0.10"
},
{
"status": "affected",
"version": "3.8.1"
},
{
"status": "affected",
"version": "3.7.1"
},
{
"status": "affected",
"version": "3.5.1"
},
{
"status": "affected",
"version": "3.4.2"
},
{
"status": "affected",
"version": "3.3.1"
},
{
"status": "affected",
"version": "3.1.7"
},
{
"status": "affected",
"version": "3.2.1"
},
{
"status": "affected",
"version": "3.2.2"
},
{
"status": "affected",
"version": "3.1.6"
},
{
"status": "affected",
"version": "3.1.2"
},
{
"status": "affected",
"version": "3.4.1"
},
{
"status": "affected",
"version": "3.1.3"
},
{
"status": "affected",
"version": "3.1.4"
},
{
"status": "affected",
"version": "3.0.6"
},
{
"status": "affected",
"version": "2.2.10"
},
{
"status": "affected",
"version": "3.0.4"
},
{
"status": "affected",
"version": "3.0.5"
},
{
"status": "affected",
"version": "2.1.56"
},
{
"status": "affected",
"version": "2.2.4"
},
{
"status": "affected",
"version": "2.2.9"
},
{
"status": "affected",
"version": "2.2.8"
},
{
"status": "affected",
"version": "2.2.5"
},
{
"status": "affected",
"version": "2.2.7"
},
{
"status": "affected",
"version": "2.0.39"
},
{
"status": "affected",
"version": "3.8_DP1"
},
{
"status": "affected",
"version": "3.9_DP1"
},
{
"status": "affected",
"version": "3.7_DP2"
},
{
"status": "affected",
"version": "3.6_DP1"
},
{
"status": "affected",
"version": "3.5_DP4"
},
{
"status": "affected",
"version": "3.5_DP2"
},
{
"status": "affected",
"version": "3.4_DP10"
},
{
"status": "affected",
"version": "3.7_DP1"
},
{
"status": "affected",
"version": "3.5_DP3"
},
{
"status": "affected",
"version": "3.4_DP11"
},
{
"status": "affected",
"version": "3.5_DP1"
},
{
"status": "affected",
"version": "3.4_DP8"
},
{
"status": "affected",
"version": "3.4_DP1"
},
{
"status": "affected",
"version": "3.4_DP3"
},
{
"status": "affected",
"version": "3.4_DP5"
},
{
"status": "affected",
"version": "3.4_DP2"
},
{
"status": "affected",
"version": "3.4_DP7"
},
{
"status": "affected",
"version": "3.4_DP6"
},
{
"status": "affected",
"version": "3.3_DP4"
},
{
"status": "affected",
"version": "3.4_DP4"
},
{
"status": "affected",
"version": "3.4_DP9"
},
{
"status": "affected",
"version": "3.1_DP16"
},
{
"status": "affected",
"version": "3.3_DP2"
},
{
"status": "affected",
"version": "3.3_DP3"
},
{
"status": "affected",
"version": "3.1_DP15"
},
{
"status": "affected",
"version": "3.3_DP1"
},
{
"status": "affected",
"version": "3.1_DP13"
},
{
"status": "affected",
"version": "3.2_DP2"
},
{
"status": "affected",
"version": "3.2_DP1"
},
{
"status": "affected",
"version": "3.2_DP3"
},
{
"status": "affected",
"version": "3.1_DP14"
},
{
"status": "affected",
"version": "3.2_DP4"
},
{
"status": "affected",
"version": "3.1_DP7"
},
{
"status": "affected",
"version": "3.1_DP10"
},
{
"status": "affected",
"version": "3.1_DP11"
},
{
"status": "affected",
"version": "3.1_DP4"
},
{
"status": "affected",
"version": "3.1_DP6"
},
{
"status": "affected",
"version": "3.1_DP12"
},
{
"status": "affected",
"version": "3.1_DP5"
},
{
"status": "affected",
"version": "3.0.7"
},
{
"status": "affected",
"version": "3.1_DP9"
},
{
"status": "affected",
"version": "3.1_DP8"
},
{
"status": "affected",
"version": "3.10_DP1"
},
{
"status": "affected",
"version": "3.10.2"
},
{
"status": "affected",
"version": "3.10.3"
},
{
"status": "affected",
"version": "3.10"
},
{
"status": "affected",
"version": "3.10.1"
},
{
"status": "affected",
"version": "3.7.1 Update 03"
},
{
"status": "affected",
"version": "3.7.1 Update 04"
},
{
"status": "affected",
"version": "3.7.1 Update 06"
},
{
"status": "affected",
"version": "3.7.1 Update 07"
},
{
"status": "affected",
"version": "3.8.1 Update 01"
},
{
"status": "affected",
"version": "3.8.1 Update 02"
},
{
"status": "affected",
"version": "3.8.1 Update 03"
},
{
"status": "affected",
"version": "3.8.1 Update 04"
},
{
"status": "affected",
"version": "3.9.1 Update 01"
},
{
"status": "affected",
"version": "3.9.1 Update 02"
},
{
"status": "affected",
"version": "3.9.1 Update 03"
},
{
"status": "affected",
"version": "3.9.1 Update 04"
},
{
"status": "affected",
"version": "3.10 Update 01"
},
{
"status": "affected",
"version": "3.4.2 Update 01"
},
{
"status": "affected",
"version": "3.6.0 Update 04"
},
{
"status": "affected",
"version": "3.6.0 Update 02"
},
{
"status": "affected",
"version": "3.6.0 Update 03"
},
{
"status": "affected",
"version": "3.6.0 Update 01"
},
{
"status": "affected",
"version": "3.5.1 Update 03"
},
{
"status": "affected",
"version": "3.5.1 Update 01"
},
{
"status": "affected",
"version": "3.5.1 Update 02"
},
{
"status": "affected",
"version": "3.7.0 Update 03"
},
{
"status": "affected",
"version": "2.2.3 Update 05"
},
{
"status": "affected",
"version": "2.2.3 Update 04"
},
{
"status": "affected",
"version": "2.2.3 Update 06"
},
{
"status": "affected",
"version": "2.2.3 Update 03"
},
{
"status": "affected",
"version": "2.2.3 Update 02"
},
{
"status": "affected",
"version": "2.2.1 Update 01"
},
{
"status": "affected",
"version": "2.2.2 Update 03"
},
{
"status": "affected",
"version": "2.2.2 Update 04"
},
{
"status": "affected",
"version": "3.8.0 Update 01"
},
{
"status": "affected",
"version": "3.8.0 Update 02"
},
{
"status": "affected",
"version": "3.7.1 Update 01"
},
{
"status": "affected",
"version": "3.7.1 Update 02"
},
{
"status": "affected",
"version": "3.7.1 Update 05"
},
{
"status": "affected",
"version": "3.9.0 Update 01"
},
{
"status": "affected",
"version": "3.3.0 Update 01"
},
{
"status": "affected",
"version": "3.4.1 Update 02"
},
{
"status": "affected",
"version": "3.4.1 Update 01"
},
{
"status": "affected",
"version": "3.5.0 Update 03"
},
{
"status": "affected",
"version": "3.5.0 Update 01"
},
{
"status": "affected",
"version": "3.5.0 Update 02"
},
{
"status": "affected",
"version": "3.10.4"
},
{
"status": "affected",
"version": "3.10.4 Update 01"
},
{
"status": "affected",
"version": "3.10.4 Update 02"
},
{
"status": "affected",
"version": "3.10.4 Update 03"
},
{
"status": "affected",
"version": "3.10.5"
},
{
"status": "affected",
"version": "3.10.6"
},
{
"status": "affected",
"version": "3.10.6 Update 01"
},
{
"status": "affected",
"version": "3.10.6 Update 02"
},
{
"status": "affected",
"version": "3.10.6 Security Update 03"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against users of the interface of an affected system.\r\n\r\nThis vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious code into specific data fields in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, an attacker must have valid administrative credentials."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-15T16:32:15.838Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-epnm-pi-stored-xss-GEkX8yWK",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnm-pi-stored-xss-GEkX8yWK"
}
],
"source": {
"advisory": "cisco-sa-epnm-pi-stored-xss-GEkX8yWK",
"defects": [
"CSCwp95134"
],
"discovery": "INTERNAL"
},
"title": "Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20075",
"datePublished": "2026-01-15T16:32:15.838Z",
"dateReserved": "2025-10-08T11:59:15.362Z",
"dateUpdated": "2026-01-15T18:11:54.678Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20076 (GCVE-0-2026-20076)
Vulnerability from cvelistv5 – Published: 2026-01-15 16:32 – Updated: 2026-01-16 04:55
VLAI?
Title
Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability
Summary
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface.
This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid administrative credentials.
Severity ?
4.8 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Identity Services Engine Software |
Affected:
3.1.0
Affected: 3.1.0 p1 Affected: 3.1.0 p3 Affected: 3.1.0 p2 Affected: 3.2.0 Affected: 3.1.0 p4 Affected: 3.1.0 p5 Affected: 3.2.0 p1 Affected: 3.1.0 p6 Affected: 3.2.0 p2 Affected: 3.1.0 p7 Affected: 3.3.0 Affected: 3.2.0 p3 Affected: 3.2.0 p4 Affected: 3.1.0 p8 Affected: 3.2.0 p5 Affected: 3.2.0 p6 Affected: 3.1.0 p9 Affected: 3.3 Patch 2 Affected: 3.3 Patch 1 Affected: 3.3 Patch 3 Affected: 3.4.0 Affected: 3.2.0 p7 Affected: 3.3 Patch 4 Affected: 3.1.0 p10 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20076",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-15T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-16T04:55:53.964Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Identity Services Engine Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.0 p1"
},
{
"status": "affected",
"version": "3.1.0 p3"
},
{
"status": "affected",
"version": "3.1.0 p2"
},
{
"status": "affected",
"version": "3.2.0"
},
{
"status": "affected",
"version": "3.1.0 p4"
},
{
"status": "affected",
"version": "3.1.0 p5"
},
{
"status": "affected",
"version": "3.2.0 p1"
},
{
"status": "affected",
"version": "3.1.0 p6"
},
{
"status": "affected",
"version": "3.2.0 p2"
},
{
"status": "affected",
"version": "3.1.0 p7"
},
{
"status": "affected",
"version": "3.3.0"
},
{
"status": "affected",
"version": "3.2.0 p3"
},
{
"status": "affected",
"version": "3.2.0 p4"
},
{
"status": "affected",
"version": "3.1.0 p8"
},
{
"status": "affected",
"version": "3.2.0 p5"
},
{
"status": "affected",
"version": "3.2.0 p6"
},
{
"status": "affected",
"version": "3.1.0 p9"
},
{
"status": "affected",
"version": "3.3 Patch 2"
},
{
"status": "affected",
"version": "3.3 Patch 1"
},
{
"status": "affected",
"version": "3.3 Patch 3"
},
{
"status": "affected",
"version": "3.4.0"
},
{
"status": "affected",
"version": "3.2.0 p7"
},
{
"status": "affected",
"version": "3.3 Patch 4"
},
{
"status": "affected",
"version": "3.1.0 p10"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid administrative credentials."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-15T16:32:03.744Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ise-xss-9TDh2kx",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-xss-9TDh2kx"
}
],
"source": {
"advisory": "cisco-sa-ise-xss-9TDh2kx",
"defects": [
"CSCwk20177"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20076",
"datePublished": "2026-01-15T16:32:03.744Z",
"dateReserved": "2025-10-08T11:59:15.362Z",
"dateUpdated": "2026-01-16T04:55:53.964Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20027 (GCVE-0-2026-20027)
Vulnerability from cvelistv5 – Published: 2026-01-07 16:23 – Updated: 2026-02-12 18:48
VLAI?
Title
Cisco Snort DCERPC Stub Data Out of Bounds Read
Summary
Multiple Cisco products are affected by a vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to restart, resulting in an interruption of packet inspection.
This vulnerability is due to an error in buffer handling logic when processing DCE/RPC requests, which can result in a buffer out-of-bounds read. An attacker could exploit this vulnerability by sending a large number of DCE/RPC requests through an established connection that is inspected by Snort 3. A successful exploit could allow the attacker to obtain sensitive information in the Snort 3 data stream.
Severity ?
5.3 (Medium)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Secure Firewall Threat Defense (FTD) Software |
Affected:
7.0.0
Affected: 7.0.0.1 Affected: 7.0.1 Affected: 7.1.0 Affected: 7.0.1.1 Affected: 7.1.0.1 Affected: 7.0.2 Affected: 7.2.0 Affected: 7.0.2.1 Affected: 7.0.3 Affected: 7.1.0.2 Affected: 7.2.0.1 Affected: 7.0.4 Affected: 7.2.1 Affected: 7.0.5 Affected: 7.3.0 Affected: 7.2.2 Affected: 7.2.3 Affected: 7.3.1 Affected: 7.1.0.3 Affected: 7.2.4 Affected: 7.0.6 Affected: 7.2.5 Affected: 7.2.4.1 Affected: 7.3.1.1 Affected: 7.4.0 Affected: 7.0.6.1 Affected: 7.2.5.1 Affected: 7.4.1 Affected: 7.2.6 Affected: 7.0.6.2 Affected: 7.4.1.1 Affected: 7.2.7 Affected: 7.2.5.2 Affected: 7.3.1.2 Affected: 7.2.8 Affected: 7.6.0 Affected: 7.4.2 Affected: 7.2.8.1 Affected: 7.0.6.3 Affected: 7.4.2.1 Affected: 7.2.9 Affected: 7.0.7 Affected: 7.7.0 Affected: 7.4.2.2 Affected: 7.2.10 Affected: 7.6.1 Affected: 7.4.2.3 Affected: 7.0.8 Affected: 7.6.2 Affected: 7.7.10 Affected: 7.0.8.1 Affected: 7.6.2.1 Affected: 7.7.10.1 Affected: 7.4.2.4 Affected: 7.2.10.2 Affected: 7.4.3 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20027",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-07T16:50:48.278861Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-07T16:51:44.957Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Secure Firewall Threat Defense (FTD) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "7.0.0.1"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "7.1.0"
},
{
"status": "affected",
"version": "7.0.1.1"
},
{
"status": "affected",
"version": "7.1.0.1"
},
{
"status": "affected",
"version": "7.0.2"
},
{
"status": "affected",
"version": "7.2.0"
},
{
"status": "affected",
"version": "7.0.2.1"
},
{
"status": "affected",
"version": "7.0.3"
},
{
"status": "affected",
"version": "7.1.0.2"
},
{
"status": "affected",
"version": "7.2.0.1"
},
{
"status": "affected",
"version": "7.0.4"
},
{
"status": "affected",
"version": "7.2.1"
},
{
"status": "affected",
"version": "7.0.5"
},
{
"status": "affected",
"version": "7.3.0"
},
{
"status": "affected",
"version": "7.2.2"
},
{
"status": "affected",
"version": "7.2.3"
},
{
"status": "affected",
"version": "7.3.1"
},
{
"status": "affected",
"version": "7.1.0.3"
},
{
"status": "affected",
"version": "7.2.4"
},
{
"status": "affected",
"version": "7.0.6"
},
{
"status": "affected",
"version": "7.2.5"
},
{
"status": "affected",
"version": "7.2.4.1"
},
{
"status": "affected",
"version": "7.3.1.1"
},
{
"status": "affected",
"version": "7.4.0"
},
{
"status": "affected",
"version": "7.0.6.1"
},
{
"status": "affected",
"version": "7.2.5.1"
},
{
"status": "affected",
"version": "7.4.1"
},
{
"status": "affected",
"version": "7.2.6"
},
{
"status": "affected",
"version": "7.0.6.2"
},
{
"status": "affected",
"version": "7.4.1.1"
},
{
"status": "affected",
"version": "7.2.7"
},
{
"status": "affected",
"version": "7.2.5.2"
},
{
"status": "affected",
"version": "7.3.1.2"
},
{
"status": "affected",
"version": "7.2.8"
},
{
"status": "affected",
"version": "7.6.0"
},
{
"status": "affected",
"version": "7.4.2"
},
{
"status": "affected",
"version": "7.2.8.1"
},
{
"status": "affected",
"version": "7.0.6.3"
},
{
"status": "affected",
"version": "7.4.2.1"
},
{
"status": "affected",
"version": "7.2.9"
},
{
"status": "affected",
"version": "7.0.7"
},
{
"status": "affected",
"version": "7.7.0"
},
{
"status": "affected",
"version": "7.4.2.2"
},
{
"status": "affected",
"version": "7.2.10"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.4.2.3"
},
{
"status": "affected",
"version": "7.0.8"
},
{
"status": "affected",
"version": "7.6.2"
},
{
"status": "affected",
"version": "7.7.10"
},
{
"status": "affected",
"version": "7.0.8.1"
},
{
"status": "affected",
"version": "7.6.2.1"
},
{
"status": "affected",
"version": "7.7.10.1"
},
{
"status": "affected",
"version": "7.4.2.4"
},
{
"status": "affected",
"version": "7.2.10.2"
},
{
"status": "affected",
"version": "7.4.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco UTD SNORT IPS Engine Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.17.1S"
},
{
"status": "affected",
"version": "16.12.3"
},
{
"status": "affected",
"version": "Fuji-16.9.5"
},
{
"status": "affected",
"version": "16.12.4"
},
{
"status": "affected",
"version": "17.3.1a"
},
{
"status": "affected",
"version": "16.6.6"
},
{
"status": "affected",
"version": "16.12.2"
},
{
"status": "affected",
"version": "Fuji-16.9.6"
},
{
"status": "affected",
"version": "3.17.0S"
},
{
"status": "affected",
"version": "Fuji-16.9.3"
},
{
"status": "affected",
"version": "Denali-16.3.7"
},
{
"status": "affected",
"version": "Fuji-16.9.2"
},
{
"status": "affected",
"version": "Fuji-16.9.4"
},
{
"status": "affected",
"version": "Everest-16.6.4"
},
{
"status": "affected",
"version": "Everest-16.6.3"
},
{
"status": "affected",
"version": "16.6.5"
},
{
"status": "affected",
"version": "Denali-16.3.5"
},
{
"status": "affected",
"version": "17.2.1r"
},
{
"status": "affected",
"version": "17.1.1"
},
{
"status": "affected",
"version": "Everest-16.6.2"
},
{
"status": "affected",
"version": "16.6.7a"
},
{
"status": "affected",
"version": "Denali-16.3.4"
},
{
"status": "affected",
"version": "16.6.1"
},
{
"status": "affected",
"version": "Denali-16.3.9"
},
{
"status": "affected",
"version": "Denali-16.3.3"
},
{
"status": "affected",
"version": "16.12.1a"
},
{
"status": "affected",
"version": "17.3.2"
},
{
"status": "affected",
"version": "17.4.1a"
},
{
"status": "affected",
"version": "16.12.5"
},
{
"status": "affected",
"version": "17.5.1"
},
{
"status": "affected",
"version": "Fuji-16.9.7"
},
{
"status": "affected",
"version": "16.6.9"
},
{
"status": "affected",
"version": "17.3.3"
},
{
"status": "affected",
"version": "17.5.1a"
},
{
"status": "affected",
"version": "17.3.4"
},
{
"status": "affected",
"version": "17.3.4a"
},
{
"status": "affected",
"version": "17.4.2"
},
{
"status": "affected",
"version": "17.4.1b"
},
{
"status": "affected",
"version": "17.6.1a"
},
{
"status": "affected",
"version": "16.6.10"
},
{
"status": "affected",
"version": "17.7.1a"
},
{
"status": "affected",
"version": "16.12.6"
},
{
"status": "affected",
"version": "Fuji-16.9.8"
},
{
"status": "affected",
"version": "17.6.2"
},
{
"status": "affected",
"version": "17.8.1a"
},
{
"status": "affected",
"version": "16.12.7"
},
{
"status": "affected",
"version": "17.3.5"
},
{
"status": "affected",
"version": "17.6.3"
},
{
"status": "affected",
"version": "17.6.3a"
},
{
"status": "affected",
"version": "17.7.2"
},
{
"status": "affected",
"version": "17.9.1a"
},
{
"status": "affected",
"version": "17.6.4"
},
{
"status": "affected",
"version": "17.10.1a"
},
{
"status": "affected",
"version": "17.3.6"
},
{
"status": "affected",
"version": "16.12.8"
},
{
"status": "affected",
"version": "17.3.7"
},
{
"status": "affected",
"version": "17.9.2a"
},
{
"status": "affected",
"version": "17.6.5"
},
{
"status": "affected",
"version": "17.11.1a"
},
{
"status": "affected",
"version": "17.9.3a"
},
{
"status": "affected",
"version": "17.12.1a"
},
{
"status": "affected",
"version": "17.9.4"
},
{
"status": "affected",
"version": "17.6.6"
},
{
"status": "affected",
"version": "17.3.8"
},
{
"status": "affected",
"version": "17.3.8a"
},
{
"status": "affected",
"version": "17.6.6a"
},
{
"status": "affected",
"version": "17.9.4a"
},
{
"status": "affected",
"version": "17.12.2"
},
{
"status": "affected",
"version": "17.13.1a"
},
{
"status": "affected",
"version": "17.9.5a"
},
{
"status": "affected",
"version": "17.12.3"
},
{
"status": "affected",
"version": "17.6.7"
},
{
"status": "affected",
"version": "17.14.1a"
},
{
"status": "affected",
"version": "17.12.4"
},
{
"status": "affected",
"version": "17.12.3a"
},
{
"status": "affected",
"version": "17.15.1a"
},
{
"status": "affected",
"version": "17.6.8"
},
{
"status": "affected",
"version": "17.9.6"
},
{
"status": "affected",
"version": "17.6.8a"
},
{
"status": "affected",
"version": "17.16.1a"
},
{
"status": "affected",
"version": "17.9.5e"
},
{
"status": "affected",
"version": "17.12.4a"
},
{
"status": "affected",
"version": "17.15.2c"
},
{
"status": "affected",
"version": "17.9.5f"
},
{
"status": "affected",
"version": "17.12.4b"
},
{
"status": "affected",
"version": "17.15.2a"
},
{
"status": "affected",
"version": "17.12.5"
},
{
"status": "affected",
"version": "17.17.1"
},
{
"status": "affected",
"version": "17.12.5a"
},
{
"status": "affected",
"version": "17.9.7a"
},
{
"status": "affected",
"version": "17.15.3a"
},
{
"status": "affected",
"version": "17.15.3"
},
{
"status": "affected",
"version": "17.12.5b"
},
{
"status": "affected",
"version": "17.12.5c"
},
{
"status": "affected",
"version": "17.15.4"
},
{
"status": "affected",
"version": "17.9.7b"
},
{
"status": "affected",
"version": "17.18.1"
},
{
"status": "affected",
"version": "17.18.1a"
},
{
"status": "affected",
"version": "17.12.6"
},
{
"status": "affected",
"version": "17.9.8"
},
{
"status": "affected",
"version": "17.15.4c"
},
{
"status": "affected",
"version": "17.12.5d"
},
{
"status": "affected",
"version": "17.18.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple Cisco products are affected by a vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to restart, resulting in an interruption of packet inspection.\r\n\r\nThis vulnerability is due to an error in buffer handling logic when processing DCE/RPC requests, which can result in a buffer out-of-bounds read. An attacker could exploit this vulnerability by sending a large number of DCE/RPC requests through an established connection that is inspected by Snort 3. A successful exploit could allow the attacker to obtain sensitive information in the Snort 3 data stream."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-12T18:48:32.446Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-snort3-dcerpc-vulns-J9HNF4tH",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort3-dcerpc-vulns-J9HNF4tH"
}
],
"source": {
"advisory": "cisco-sa-snort3-dcerpc-vulns-J9HNF4tH",
"defects": [
"CSCwq75359"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Snort DCERPC Stub Data Out of Bounds Read"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20027",
"datePublished": "2026-01-07T16:23:43.301Z",
"dateReserved": "2025-10-08T11:59:15.352Z",
"dateUpdated": "2026-02-12T18:48:32.446Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20029 (GCVE-0-2026-20029)
Vulnerability from cvelistv5 – Published: 2026-01-07 16:23 – Updated: 2026-01-07 16:40
VLAI?
Title
Cisco Identity Services Engine XML External Entity Processing Information Disclosure Vulnerability
Summary
A vulnerability in the licensing features of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker with administrative privileges to gain access to sensitive information.
This vulnerability is due to improper parsing of XML that is processed by the web-based management interface of Cisco ISE and Cisco ISE-PIC. An attacker could exploit this vulnerability by uploading a malicious file to the application. A successful exploit could allow the attacker to read arbitrary files from the underlying operating system that could include sensitive data that should otherwise be inaccessible even to administrators. To exploit this vulnerability, the attacker must have valid administrative credentials.
Severity ?
4.9 (Medium)
CWE
- CWE-611 - Improper Restriction of XML External Entity Reference
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Identity Services Engine Software |
Affected:
3.1.0
Affected: 3.1.0 p1 Affected: 3.1.0 p3 Affected: 3.1.0 p2 Affected: 3.2.0 Affected: 3.1.0 p4 Affected: 3.1.0 p5 Affected: 3.2.0 p1 Affected: 3.1.0 p6 Affected: 3.2.0 p2 Affected: 3.1.0 p7 Affected: 3.3.0 Affected: 3.2.0 p3 Affected: 3.2.0 p4 Affected: 3.1.0 p8 Affected: 3.2.0 p5 Affected: 3.2.0 p6 Affected: 3.1.0 p9 Affected: 3.3 Patch 2 Affected: 3.3 Patch 1 Affected: 3.3 Patch 3 Affected: 3.4.0 Affected: 3.2.0 p7 Affected: 3.3 Patch 4 Affected: 3.4 Patch 1 Affected: 3.1.0 p10 Affected: 3.3 Patch 5 Affected: 3.3 Patch 6 Affected: 3.4 Patch 2 Affected: 3.3 Patch 7 Affected: 3.4 Patch 3 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20029",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-07T16:40:33.564050Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-07T16:40:58.555Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Identity Services Engine Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.0 p1"
},
{
"status": "affected",
"version": "3.1.0 p3"
},
{
"status": "affected",
"version": "3.1.0 p2"
},
{
"status": "affected",
"version": "3.2.0"
},
{
"status": "affected",
"version": "3.1.0 p4"
},
{
"status": "affected",
"version": "3.1.0 p5"
},
{
"status": "affected",
"version": "3.2.0 p1"
},
{
"status": "affected",
"version": "3.1.0 p6"
},
{
"status": "affected",
"version": "3.2.0 p2"
},
{
"status": "affected",
"version": "3.1.0 p7"
},
{
"status": "affected",
"version": "3.3.0"
},
{
"status": "affected",
"version": "3.2.0 p3"
},
{
"status": "affected",
"version": "3.2.0 p4"
},
{
"status": "affected",
"version": "3.1.0 p8"
},
{
"status": "affected",
"version": "3.2.0 p5"
},
{
"status": "affected",
"version": "3.2.0 p6"
},
{
"status": "affected",
"version": "3.1.0 p9"
},
{
"status": "affected",
"version": "3.3 Patch 2"
},
{
"status": "affected",
"version": "3.3 Patch 1"
},
{
"status": "affected",
"version": "3.3 Patch 3"
},
{
"status": "affected",
"version": "3.4.0"
},
{
"status": "affected",
"version": "3.2.0 p7"
},
{
"status": "affected",
"version": "3.3 Patch 4"
},
{
"status": "affected",
"version": "3.4 Patch 1"
},
{
"status": "affected",
"version": "3.1.0 p10"
},
{
"status": "affected",
"version": "3.3 Patch 5"
},
{
"status": "affected",
"version": "3.3 Patch 6"
},
{
"status": "affected",
"version": "3.4 Patch 2"
},
{
"status": "affected",
"version": "3.3 Patch 7"
},
{
"status": "affected",
"version": "3.4 Patch 3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the licensing features of\u0026nbsp;Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker with administrative privileges to gain access to sensitive information.\u0026nbsp;\r\n\r\nThis vulnerability is due to improper parsing of XML that is processed by the web-based management interface of Cisco ISE and Cisco ISE-PIC. An attacker could exploit this vulnerability by uploading a malicious file to the application. A successful exploit could allow the attacker to read arbitrary files from the underlying operating system that could include sensitive data that should otherwise be inaccessible even to administrators. To exploit this vulnerability, the attacker must have valid administrative credentials."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerability described in this advisory.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "Improper Restriction of XML External Entity Reference",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-07T16:23:43.372Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ise-xxe-jWSbSDKt",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-xxe-jWSbSDKt"
}
],
"source": {
"advisory": "cisco-sa-ise-xxe-jWSbSDKt",
"defects": [
"CSCwq79739"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Identity Services Engine XML External Entity Processing Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20029",
"datePublished": "2026-01-07T16:23:43.372Z",
"dateReserved": "2025-10-08T11:59:15.353Z",
"dateUpdated": "2026-01-07T16:40:58.555Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20026 (GCVE-0-2026-20026)
Vulnerability from cvelistv5 – Published: 2026-01-07 16:23 – Updated: 2026-02-12 18:48
VLAI?
Title
Multiple Cisco Products Snort 3 DCERPC Vulnerabilities
Summary
Multiple Cisco products are affected by a vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to restart, resulting in an interruption of packet inspection.
This vulnerability is due to an error in buffer handling logic when processing DCE/RPC requests, which can result in a buffer use-after-free read. An attacker could exploit this vulnerability by sending a large number of DCE/RPC requests through an established connection that is inspected by Snort 3. A successful exploit could allow the attacker to unexpectedly restart the Snort 3 Detection Engine, which could cause a denial of service (DoS).
Severity ?
5.8 (Medium)
CWE
- CWE-415 - Double Free
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Secure Firewall Threat Defense (FTD) Software |
Affected:
7.0.0
Affected: 7.0.0.1 Affected: 7.0.1 Affected: 7.1.0 Affected: 7.0.1.1 Affected: 7.1.0.1 Affected: 7.0.2 Affected: 7.2.0 Affected: 7.0.2.1 Affected: 7.0.3 Affected: 7.1.0.2 Affected: 7.2.0.1 Affected: 7.0.4 Affected: 7.2.1 Affected: 7.0.5 Affected: 7.3.0 Affected: 7.2.2 Affected: 7.2.3 Affected: 7.3.1 Affected: 7.1.0.3 Affected: 7.2.4 Affected: 7.0.6 Affected: 7.2.5 Affected: 7.2.4.1 Affected: 7.3.1.1 Affected: 7.4.0 Affected: 7.0.6.1 Affected: 7.2.5.1 Affected: 7.4.1 Affected: 7.2.6 Affected: 7.0.6.2 Affected: 7.4.1.1 Affected: 7.2.7 Affected: 7.2.5.2 Affected: 7.3.1.2 Affected: 7.2.8 Affected: 7.6.0 Affected: 7.4.2 Affected: 7.2.8.1 Affected: 7.0.6.3 Affected: 7.4.2.1 Affected: 7.2.9 Affected: 7.0.7 Affected: 7.7.0 Affected: 7.4.2.2 Affected: 7.2.10 Affected: 7.6.1 Affected: 7.4.2.3 Affected: 7.0.8 Affected: 7.6.2 Affected: 7.7.10 Affected: 7.0.8.1 Affected: 7.6.2.1 Affected: 7.7.10.1 Affected: 7.4.2.4 Affected: 7.2.10.2 Affected: 7.4.3 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20026",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-07T16:53:28.503254Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-07T16:54:24.277Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Secure Firewall Threat Defense (FTD) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "7.0.0"
},
{
"status": "affected",
"version": "7.0.0.1"
},
{
"status": "affected",
"version": "7.0.1"
},
{
"status": "affected",
"version": "7.1.0"
},
{
"status": "affected",
"version": "7.0.1.1"
},
{
"status": "affected",
"version": "7.1.0.1"
},
{
"status": "affected",
"version": "7.0.2"
},
{
"status": "affected",
"version": "7.2.0"
},
{
"status": "affected",
"version": "7.0.2.1"
},
{
"status": "affected",
"version": "7.0.3"
},
{
"status": "affected",
"version": "7.1.0.2"
},
{
"status": "affected",
"version": "7.2.0.1"
},
{
"status": "affected",
"version": "7.0.4"
},
{
"status": "affected",
"version": "7.2.1"
},
{
"status": "affected",
"version": "7.0.5"
},
{
"status": "affected",
"version": "7.3.0"
},
{
"status": "affected",
"version": "7.2.2"
},
{
"status": "affected",
"version": "7.2.3"
},
{
"status": "affected",
"version": "7.3.1"
},
{
"status": "affected",
"version": "7.1.0.3"
},
{
"status": "affected",
"version": "7.2.4"
},
{
"status": "affected",
"version": "7.0.6"
},
{
"status": "affected",
"version": "7.2.5"
},
{
"status": "affected",
"version": "7.2.4.1"
},
{
"status": "affected",
"version": "7.3.1.1"
},
{
"status": "affected",
"version": "7.4.0"
},
{
"status": "affected",
"version": "7.0.6.1"
},
{
"status": "affected",
"version": "7.2.5.1"
},
{
"status": "affected",
"version": "7.4.1"
},
{
"status": "affected",
"version": "7.2.6"
},
{
"status": "affected",
"version": "7.0.6.2"
},
{
"status": "affected",
"version": "7.4.1.1"
},
{
"status": "affected",
"version": "7.2.7"
},
{
"status": "affected",
"version": "7.2.5.2"
},
{
"status": "affected",
"version": "7.3.1.2"
},
{
"status": "affected",
"version": "7.2.8"
},
{
"status": "affected",
"version": "7.6.0"
},
{
"status": "affected",
"version": "7.4.2"
},
{
"status": "affected",
"version": "7.2.8.1"
},
{
"status": "affected",
"version": "7.0.6.3"
},
{
"status": "affected",
"version": "7.4.2.1"
},
{
"status": "affected",
"version": "7.2.9"
},
{
"status": "affected",
"version": "7.0.7"
},
{
"status": "affected",
"version": "7.7.0"
},
{
"status": "affected",
"version": "7.4.2.2"
},
{
"status": "affected",
"version": "7.2.10"
},
{
"status": "affected",
"version": "7.6.1"
},
{
"status": "affected",
"version": "7.4.2.3"
},
{
"status": "affected",
"version": "7.0.8"
},
{
"status": "affected",
"version": "7.6.2"
},
{
"status": "affected",
"version": "7.7.10"
},
{
"status": "affected",
"version": "7.0.8.1"
},
{
"status": "affected",
"version": "7.6.2.1"
},
{
"status": "affected",
"version": "7.7.10.1"
},
{
"status": "affected",
"version": "7.4.2.4"
},
{
"status": "affected",
"version": "7.2.10.2"
},
{
"status": "affected",
"version": "7.4.3"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco UTD SNORT IPS Engine Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.17.1S"
},
{
"status": "affected",
"version": "16.12.3"
},
{
"status": "affected",
"version": "Fuji-16.9.5"
},
{
"status": "affected",
"version": "16.12.4"
},
{
"status": "affected",
"version": "17.3.1a"
},
{
"status": "affected",
"version": "16.6.6"
},
{
"status": "affected",
"version": "16.12.2"
},
{
"status": "affected",
"version": "Fuji-16.9.6"
},
{
"status": "affected",
"version": "3.17.0S"
},
{
"status": "affected",
"version": "Fuji-16.9.3"
},
{
"status": "affected",
"version": "Denali-16.3.7"
},
{
"status": "affected",
"version": "Fuji-16.9.2"
},
{
"status": "affected",
"version": "Fuji-16.9.4"
},
{
"status": "affected",
"version": "Everest-16.6.4"
},
{
"status": "affected",
"version": "Everest-16.6.3"
},
{
"status": "affected",
"version": "16.6.5"
},
{
"status": "affected",
"version": "Denali-16.3.5"
},
{
"status": "affected",
"version": "17.2.1r"
},
{
"status": "affected",
"version": "17.1.1"
},
{
"status": "affected",
"version": "Everest-16.6.2"
},
{
"status": "affected",
"version": "16.6.7a"
},
{
"status": "affected",
"version": "Denali-16.3.4"
},
{
"status": "affected",
"version": "16.6.1"
},
{
"status": "affected",
"version": "Denali-16.3.9"
},
{
"status": "affected",
"version": "Denali-16.3.3"
},
{
"status": "affected",
"version": "16.12.1a"
},
{
"status": "affected",
"version": "17.3.2"
},
{
"status": "affected",
"version": "17.4.1a"
},
{
"status": "affected",
"version": "16.12.5"
},
{
"status": "affected",
"version": "17.5.1"
},
{
"status": "affected",
"version": "Fuji-16.9.7"
},
{
"status": "affected",
"version": "16.6.9"
},
{
"status": "affected",
"version": "17.3.3"
},
{
"status": "affected",
"version": "17.5.1a"
},
{
"status": "affected",
"version": "17.3.4"
},
{
"status": "affected",
"version": "17.3.4a"
},
{
"status": "affected",
"version": "17.4.2"
},
{
"status": "affected",
"version": "17.4.1b"
},
{
"status": "affected",
"version": "17.6.1a"
},
{
"status": "affected",
"version": "16.6.10"
},
{
"status": "affected",
"version": "17.7.1a"
},
{
"status": "affected",
"version": "16.12.6"
},
{
"status": "affected",
"version": "Fuji-16.9.8"
},
{
"status": "affected",
"version": "17.6.2"
},
{
"status": "affected",
"version": "17.8.1a"
},
{
"status": "affected",
"version": "16.12.7"
},
{
"status": "affected",
"version": "17.3.5"
},
{
"status": "affected",
"version": "17.6.3"
},
{
"status": "affected",
"version": "17.6.3a"
},
{
"status": "affected",
"version": "17.7.2"
},
{
"status": "affected",
"version": "17.9.1a"
},
{
"status": "affected",
"version": "17.6.4"
},
{
"status": "affected",
"version": "17.10.1a"
},
{
"status": "affected",
"version": "17.3.6"
},
{
"status": "affected",
"version": "16.12.8"
},
{
"status": "affected",
"version": "17.3.7"
},
{
"status": "affected",
"version": "17.9.2a"
},
{
"status": "affected",
"version": "17.6.5"
},
{
"status": "affected",
"version": "17.11.1a"
},
{
"status": "affected",
"version": "17.9.3a"
},
{
"status": "affected",
"version": "17.12.1a"
},
{
"status": "affected",
"version": "17.9.4"
},
{
"status": "affected",
"version": "17.6.6"
},
{
"status": "affected",
"version": "17.3.8"
},
{
"status": "affected",
"version": "17.3.8a"
},
{
"status": "affected",
"version": "17.6.6a"
},
{
"status": "affected",
"version": "17.9.4a"
},
{
"status": "affected",
"version": "17.12.2"
},
{
"status": "affected",
"version": "17.13.1a"
},
{
"status": "affected",
"version": "17.9.5a"
},
{
"status": "affected",
"version": "17.12.3"
},
{
"status": "affected",
"version": "17.6.7"
},
{
"status": "affected",
"version": "17.14.1a"
},
{
"status": "affected",
"version": "17.12.4"
},
{
"status": "affected",
"version": "17.12.3a"
},
{
"status": "affected",
"version": "17.15.1a"
},
{
"status": "affected",
"version": "17.6.8"
},
{
"status": "affected",
"version": "17.9.6"
},
{
"status": "affected",
"version": "17.6.8a"
},
{
"status": "affected",
"version": "17.16.1a"
},
{
"status": "affected",
"version": "17.9.5e"
},
{
"status": "affected",
"version": "17.12.4a"
},
{
"status": "affected",
"version": "17.15.2c"
},
{
"status": "affected",
"version": "17.9.5f"
},
{
"status": "affected",
"version": "17.12.4b"
},
{
"status": "affected",
"version": "17.15.2a"
},
{
"status": "affected",
"version": "17.12.5"
},
{
"status": "affected",
"version": "17.17.1"
},
{
"status": "affected",
"version": "17.12.5a"
},
{
"status": "affected",
"version": "17.9.7a"
},
{
"status": "affected",
"version": "17.15.3a"
},
{
"status": "affected",
"version": "17.15.3"
},
{
"status": "affected",
"version": "17.12.5b"
},
{
"status": "affected",
"version": "17.12.5c"
},
{
"status": "affected",
"version": "17.15.4"
},
{
"status": "affected",
"version": "17.9.7b"
},
{
"status": "affected",
"version": "17.18.1"
},
{
"status": "affected",
"version": "17.18.1a"
},
{
"status": "affected",
"version": "17.12.6"
},
{
"status": "affected",
"version": "17.9.8"
},
{
"status": "affected",
"version": "17.15.4c"
},
{
"status": "affected",
"version": "17.12.5d"
},
{
"status": "affected",
"version": "17.18.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple\u0026nbsp;Cisco products are affected by a vulnerability in the processing of DCE/RPC requests that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak sensitive information or to restart, resulting in an interruption of packet inspection.\r\n\r\nThis vulnerability is due to an error in buffer handling logic when processing DCE/RPC requests, which can result in a buffer use-after-free read. An attacker could exploit this vulnerability by sending a large number of DCE/RPC requests through an established connection that is inspected by Snort 3. A successful exploit could allow the attacker to unexpectedly restart the Snort 3 Detection Engine, which could cause a denial of service (DoS)."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-415",
"description": "Double Free",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-12T18:48:34.084Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-snort3-dcerpc-vulns-J9HNF4tH",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort3-dcerpc-vulns-J9HNF4tH"
}
],
"source": {
"advisory": "cisco-sa-snort3-dcerpc-vulns-J9HNF4tH",
"defects": [
"CSCwq75339"
],
"discovery": "EXTERNAL"
},
"title": "Multiple Cisco Products Snort 3 DCERPC Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20026",
"datePublished": "2026-01-07T16:23:43.283Z",
"dateReserved": "2025-10-08T11:59:15.352Z",
"dateUpdated": "2026-02-12T18:48:34.084Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20393 (GCVE-0-2025-20393)
Vulnerability from cvelistv5 – Published: 2025-12-17 16:47 – Updated: 2026-01-15 16:32
VLAI?
Title
Cisco Secure Email Gateway and Cisco Secure Email and Web Manager Remote Command Execution Vulnerability
Summary
A vulnerability in the Spam Quarantine feature of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to execute arbitrary system commands on an affected device with root privileges.
This vulnerability is due to insufficient validation of HTTP requests by the Spam Quarantine feature. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges.
Severity ?
10 (Critical)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Secure Email |
Affected:
14.0.0-698
Affected: 13.5.1-277 Affected: 13.0.0-392 Affected: 14.2.0-620 Affected: 13.0.5-007 Affected: 13.5.4-038 Affected: 14.2.1-020 Affected: 14.3.0-032 Affected: 15.0.0-104 Affected: 15.0.1-030 Affected: 15.5.0-048 Affected: 15.5.1-055 Affected: 15.5.2-018 Affected: 16.0.0-050 Affected: 15.0.3-002 Affected: 16.0.0-054 Affected: 15.5.3-022 Affected: 16.0.1-017 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20393",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-17T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-18T04:55:21.334Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-20393"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Secure Email",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "14.0.0-698"
},
{
"status": "affected",
"version": "13.5.1-277"
},
{
"status": "affected",
"version": "13.0.0-392"
},
{
"status": "affected",
"version": "14.2.0-620"
},
{
"status": "affected",
"version": "13.0.5-007"
},
{
"status": "affected",
"version": "13.5.4-038"
},
{
"status": "affected",
"version": "14.2.1-020"
},
{
"status": "affected",
"version": "14.3.0-032"
},
{
"status": "affected",
"version": "15.0.0-104"
},
{
"status": "affected",
"version": "15.0.1-030"
},
{
"status": "affected",
"version": "15.5.0-048"
},
{
"status": "affected",
"version": "15.5.1-055"
},
{
"status": "affected",
"version": "15.5.2-018"
},
{
"status": "affected",
"version": "16.0.0-050"
},
{
"status": "affected",
"version": "15.0.3-002"
},
{
"status": "affected",
"version": "16.0.0-054"
},
{
"status": "affected",
"version": "15.5.3-022"
},
{
"status": "affected",
"version": "16.0.1-017"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Secure Email and Web Manager",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "13.6.2-023"
},
{
"status": "affected",
"version": "13.6.2-078"
},
{
"status": "affected",
"version": "13.0.0-249"
},
{
"status": "affected",
"version": "13.0.0-277"
},
{
"status": "affected",
"version": "13.8.1-052"
},
{
"status": "affected",
"version": "13.8.1-068"
},
{
"status": "affected",
"version": "13.8.1-074"
},
{
"status": "affected",
"version": "14.0.0-404"
},
{
"status": "affected",
"version": "12.8.1-002"
},
{
"status": "affected",
"version": "14.1.0-227"
},
{
"status": "affected",
"version": "13.6.1-201"
},
{
"status": "affected",
"version": "14.2.0-203"
},
{
"status": "affected",
"version": "14.2.0-212"
},
{
"status": "affected",
"version": "12.8.1-021"
},
{
"status": "affected",
"version": "13.8.1-108"
},
{
"status": "affected",
"version": "14.2.0-224"
},
{
"status": "affected",
"version": "14.3.0-120"
},
{
"status": "affected",
"version": "15.0.0-334"
},
{
"status": "affected",
"version": "15.5.1-024"
},
{
"status": "affected",
"version": "15.5.1-029"
},
{
"status": "affected",
"version": "15.5.2-005"
},
{
"status": "affected",
"version": "16.0.0-195"
},
{
"status": "affected",
"version": "15.5.3-017"
},
{
"status": "affected",
"version": "16.0.1-010"
},
{
"status": "affected",
"version": "15.0.1-035"
},
{
"status": "affected",
"version": "16.0.2-088"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Spam Quarantine feature of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to execute arbitrary system commands on an affected device with root privileges.\r\n\r\nThis vulnerability is due to insufficient validation of HTTP requests by the Spam Quarantine feature. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with\u0026nbsp;root privileges."
}
],
"exploits": [
{
"lang": "en",
"value": "In December 2025, the Cisco Product Security Incident Response Team (PSIRT) became aware of potentially malicious activity that targets Cisco Secure Email Gateway and Cisco Secure Email and Web Manager appliances."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "Improper Input Validation",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-15T16:32:03.740Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-sma-attack-N9bf4",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sma-attack-N9bf4"
}
],
"source": {
"advisory": "cisco-sa-sma-attack-N9bf4",
"defects": [
"CSCws36549"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Secure Email Gateway and Cisco Secure Email and Web Manager Remote Command Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20393",
"datePublished": "2025-12-17T16:47:13.128Z",
"dateReserved": "2024-10-10T19:15:13.266Z",
"dateUpdated": "2026-01-15T16:32:03.740Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20346 (GCVE-0-2025-20346)
Vulnerability from cvelistv5 – Published: 2025-11-13 16:27 – Updated: 2025-12-01 15:36
VLAI?
Title
Cisco Catalyst Center Privilege Escalation Vulnerability
Summary
A vulnerability in Cisco Catalyst Center could allow an authenticated, remote attacker to execute operations that should require Administrator privileges. The attacker would need valid read-only user credentials.
This vulnerability is due to improper role-based access control (RBAC). An attacker could exploit this vulnerability by logging in to an affected system and modifying certain policy configurations. A successful exploit could allow the attacker to modify policy configurations that are reserved for the Administrator role. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Observer.
Severity ?
4.3 (Medium)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Digital Network Architecture Center (DNA Center) |
Affected:
2.1.1.0
Affected: 2.1.1.3 Affected: 2.1.2.0 Affected: 2.1.2.3 Affected: 2.1.2.5 Affected: 2.2.1.0 Affected: 2.1.2.6 Affected: 2.2.2.0 Affected: 2.2.2.3 Affected: 2.1.2.7 Affected: 2.2.1.3 Affected: 2.2.3.0 Affected: 2.2.2.4 Affected: 2.2.2.5 Affected: 2.2.3.3 Affected: 2.2.2.7 Affected: 2.2.2.6 Affected: 2.2.2.8 Affected: 2.2.3.4 Affected: 2.3.2.1 Affected: 2.3.2.1-AIRGAP Affected: 2.3.2.1-AIRGAP-CA Affected: 2.2.3.5 Affected: 2.3.3.3 Affected: 2.3.3.1-AIRGAP Affected: 2.3.3.1 Affected: 2.3.2.3 Affected: 2.3.3.3-AIRGAP Affected: 2.2.2.9 Affected: 2.3.3.0-AIRGAP Affected: 2.3.3.4 Affected: 2.3.3.4-AIRGAP Affected: 2.3.3.4-AIRGAP-MDNAC Affected: 2.3.3.5 Affected: 2.3.3.5-AIRGAP Affected: 2.3.4.0-AIRGAP Affected: 2.3.4.3 Affected: 2.3.4.3-AIRGAP Affected: 2.3.3.6 Affected: 2.3.3.6-AIRGAP Affected: 2.3.3.6-AIRGAP-MDNAC Affected: 2.3.5.0-AIRGAP-MDNAC Affected: VA Launchpad 1.0.3 Affected: VA Launchpad 1.0.4 Affected: 2.3.3.7 Affected: 2.3.3.7-AIRGAP Affected: 2.3.3.7-AIRGAP-MDNAC Affected: 2.3.6.0 Affected: 2.3.3.6-70045-HF1 Affected: VA Launchpad 1.2.1 Affected: 2.3.3.7-72328-AIRGAP Affected: 2.3.3.7-72323 Affected: 2.3.3.7-72328-MDNAC Affected: 2.3.5.3 Affected: 2.3.5.3-AIRGAP-MDNAC Affected: 2.3.5.3-AIRGAP Affected: 2.3.6.0-AIRGAP Affected: VA Launchpad 1.3.0 Affected: VA Launchpad 1.5.0 Affected: 2.3.7.0 Affected: 2.3.7.0-AIRGAP Affected: 2.3.7.0-AIRGAP-MDNAC Affected: 2.3.7.0-VA Affected: 2.3.5.4-AIRGAP Affected: 2.3.5.4-AIRGAP-MDNAC Affected: VA Launchpad 1.6.0 Affected: 2.3.7.3 Affected: 2.3.7.3-AIRGAP Affected: 2.3.7.3-AIRGAP-MDNAC Affected: VA Launchpad 1.7.0 Affected: 2.3.5.5-AIRGAP Affected: 2.3.5.5 Affected: 2.3.5.5-AIRGAP-MDNAC Affected: 2.3.7.4 Affected: 2.3.7.4-AIRGAP Affected: 2.3.7.5-AIRGAP Affected: VA Launchpad 1.9.0 Affected: 2.3.5.6-AIRGAP Affected: 2.3.5.6-AIRGAP-MDNAC Affected: 1.0.0.0 Affected: Cisco CCGM 1.0.0.0 Affected: 2.3.7.6-AIRGAP Affected: 2.3.7.6 Affected: 2.3.7.6-VA Affected: 2.3.5.5-70026-HF70 Affected: 2.3.5.5-70026-HF51 Affected: 2.3.5.6-70143-HF20 Affected: 2.3.7.6-AIRGAP-MDNAC Affected: 2.3.5.5-70026-HF53 Affected: 2.3.5.5-70026-HF71 Affected: 2.3.7.7 Affected: 2.3.7.7-VA Affected: 2.3.7.7-AIRGAP Affected: 2.3.7.7-AIRGAP-MDNAC Affected: 2.3.7.9-VA Affected: 2.3.7.9 Affected: 2.3.7.9-AIRGAP Affected: 2.3.7.9-AIRGAP-MDNAC Affected: Cisco CCGM 1.1.1 Affected: 2.3.7.9-70301-GSMU10 Affected: 2.3.7.9-70301-SMU1 Affected: 2.3.7.9-75403-SMU10 Affected: 2.3.7.9-75403-GSMU10 Affected: Cisco CCGM 1.2.1 Affected: 2.3.5.3-EULA Affected: 2.3.7.9.75403.10-VA Affected: 0.0.0.0 Affected: 1.16.54 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20346",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-14T04:55:38.854695Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-01T15:36:40.791Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Digital Network Architecture Center (DNA Center)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "2.1.1.0"
},
{
"status": "affected",
"version": "2.1.1.3"
},
{
"status": "affected",
"version": "2.1.2.0"
},
{
"status": "affected",
"version": "2.1.2.3"
},
{
"status": "affected",
"version": "2.1.2.5"
},
{
"status": "affected",
"version": "2.2.1.0"
},
{
"status": "affected",
"version": "2.1.2.6"
},
{
"status": "affected",
"version": "2.2.2.0"
},
{
"status": "affected",
"version": "2.2.2.3"
},
{
"status": "affected",
"version": "2.1.2.7"
},
{
"status": "affected",
"version": "2.2.1.3"
},
{
"status": "affected",
"version": "2.2.3.0"
},
{
"status": "affected",
"version": "2.2.2.4"
},
{
"status": "affected",
"version": "2.2.2.5"
},
{
"status": "affected",
"version": "2.2.3.3"
},
{
"status": "affected",
"version": "2.2.2.7"
},
{
"status": "affected",
"version": "2.2.2.6"
},
{
"status": "affected",
"version": "2.2.2.8"
},
{
"status": "affected",
"version": "2.2.3.4"
},
{
"status": "affected",
"version": "2.3.2.1"
},
{
"status": "affected",
"version": "2.3.2.1-AIRGAP"
},
{
"status": "affected",
"version": "2.3.2.1-AIRGAP-CA"
},
{
"status": "affected",
"version": "2.2.3.5"
},
{
"status": "affected",
"version": "2.3.3.3"
},
{
"status": "affected",
"version": "2.3.3.1-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.1"
},
{
"status": "affected",
"version": "2.3.2.3"
},
{
"status": "affected",
"version": "2.3.3.3-AIRGAP"
},
{
"status": "affected",
"version": "2.2.2.9"
},
{
"status": "affected",
"version": "2.3.3.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.4"
},
{
"status": "affected",
"version": "2.3.3.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.3.5"
},
{
"status": "affected",
"version": "2.3.3.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.4.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.4.3"
},
{
"status": "affected",
"version": "2.3.4.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.6"
},
{
"status": "affected",
"version": "2.3.3.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.0-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "VA Launchpad 1.0.3"
},
{
"status": "affected",
"version": "VA Launchpad 1.0.4"
},
{
"status": "affected",
"version": "2.3.3.7"
},
{
"status": "affected",
"version": "2.3.3.7-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.7-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.6.0"
},
{
"status": "affected",
"version": "2.3.3.6-70045-HF1"
},
{
"status": "affected",
"version": "VA Launchpad 1.2.1"
},
{
"status": "affected",
"version": "2.3.3.7-72328-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.7-72323"
},
{
"status": "affected",
"version": "2.3.3.7-72328-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.3"
},
{
"status": "affected",
"version": "2.3.5.3-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.6.0-AIRGAP"
},
{
"status": "affected",
"version": "VA Launchpad 1.3.0"
},
{
"status": "affected",
"version": "VA Launchpad 1.5.0"
},
{
"status": "affected",
"version": "2.3.7.0"
},
{
"status": "affected",
"version": "2.3.7.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.0-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.0-VA"
},
{
"status": "affected",
"version": "2.3.5.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "VA Launchpad 1.6.0"
},
{
"status": "affected",
"version": "2.3.7.3"
},
{
"status": "affected",
"version": "2.3.7.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.3-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "VA Launchpad 1.7.0"
},
{
"status": "affected",
"version": "2.3.5.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.5"
},
{
"status": "affected",
"version": "2.3.5.5-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.4"
},
{
"status": "affected",
"version": "2.3.7.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.5-AIRGAP"
},
{
"status": "affected",
"version": "VA Launchpad 1.9.0"
},
{
"status": "affected",
"version": "2.3.5.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "1.0.0.0"
},
{
"status": "affected",
"version": "Cisco CCGM 1.0.0.0"
},
{
"status": "affected",
"version": "2.3.7.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.6"
},
{
"status": "affected",
"version": "2.3.7.6-VA"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF70"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF51"
},
{
"status": "affected",
"version": "2.3.5.6-70143-HF20"
},
{
"status": "affected",
"version": "2.3.7.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF53"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF71"
},
{
"status": "affected",
"version": "2.3.7.7"
},
{
"status": "affected",
"version": "2.3.7.7-VA"
},
{
"status": "affected",
"version": "2.3.7.7-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.7-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.9-VA"
},
{
"status": "affected",
"version": "2.3.7.9"
},
{
"status": "affected",
"version": "2.3.7.9-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.9-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "Cisco CCGM 1.1.1"
},
{
"status": "affected",
"version": "2.3.7.9-70301-GSMU10"
},
{
"status": "affected",
"version": "2.3.7.9-70301-SMU1"
},
{
"status": "affected",
"version": "2.3.7.9-75403-SMU10"
},
{
"status": "affected",
"version": "2.3.7.9-75403-GSMU10"
},
{
"status": "affected",
"version": "Cisco CCGM 1.2.1"
},
{
"status": "affected",
"version": "2.3.5.3-EULA"
},
{
"status": "affected",
"version": "2.3.7.9.75403.10-VA"
},
{
"status": "affected",
"version": "0.0.0.0"
},
{
"status": "affected",
"version": "1.16.54"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Catalyst Center could allow an authenticated, remote attacker to execute operations that should require Administrator privileges. The attacker would need valid read-only user credentials.\r\n\r\nThis vulnerability is due to improper role-based access control (RBAC). An attacker could exploit this vulnerability by logging in to an affected system and modifying certain policy configurations. A successful exploit could allow the attacker to modify policy configurations that are reserved for the Administrator role. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Observer."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "Improper Privilege Management",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-13T16:27:30.871Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-privesc-catc-rYjReeLU",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-privesc-catc-rYjReeLU"
}
],
"source": {
"advisory": "cisco-sa-privesc-catc-rYjReeLU",
"defects": [
"CSCwo05088"
],
"discovery": "INTERNAL"
},
"title": "Cisco Catalyst Center Privilege Escalation Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20346",
"datePublished": "2025-11-13T16:27:30.871Z",
"dateReserved": "2024-10-10T19:15:13.256Z",
"dateUpdated": "2025-12-01T15:36:40.791Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20355 (GCVE-0-2025-20355)
Vulnerability from cvelistv5 – Published: 2025-11-13 16:18 – Updated: 2025-11-13 16:51
VLAI?
Title
Cisco Catalyst Center Software HTTP Open Redirect Vulnerability
Summary
A vulnerability in the web-based management interface of Cisco Catalyst Center Virtual Appliance could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.
This vulnerability is due to improper input validation of HTTP request parameters. An attacker could exploit this vulnerability by intercepting and modifying an HTTP request from a user. A successful exploit could allow the attacker to redirect the user to a malicious web page.
Severity ?
4.7 (Medium)
CWE
- CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Digital Network Architecture Center (DNA Center) |
Affected:
1.4.0.0
Affected: 2.1.1.0 Affected: 2.1.1.3 Affected: 2.1.2.0 Affected: 2.1.2.3 Affected: 2.1.2.4 Affected: 2.1.2.5 Affected: 2.2.1.0 Affected: 2.1.2.6 Affected: 2.2.2.0 Affected: 2.2.2.1 Affected: 2.2.2.3 Affected: 2.1.2.7 Affected: 2.2.1.3 Affected: 2.2.3.0 Affected: 2.2.2.4 Affected: 2.2.2.5 Affected: 2.2.3.3 Affected: 2.2.2.7 Affected: 2.2.2.6 Affected: 2.2.2.8 Affected: 2.2.3.4 Affected: 2.1.2.8 Affected: 2.3.2.1 Affected: 2.3.2.1-AIRGAP Affected: 2.3.2.1-AIRGAP-CA Affected: 2.2.3.5 Affected: 2.3.3.0 Affected: 2.3.3.3 Affected: 2.3.3.1-AIRGAP Affected: 2.3.3.1 Affected: 2.3.2.3 Affected: 2.3.3.3-AIRGAP Affected: 2.2.3.6 Affected: 2.2.2.9 Affected: 2.3.3.0-AIRGAP Affected: 2.3.3.3-AIRGAP-CA Affected: 2.3.3.4 Affected: 2.3.3.4-AIRGAP Affected: 2.3.3.4-AIRGAP-MDNAC Affected: 2.3.3.4-HF1 Affected: 2.3.4.0 Affected: 2.3.3.5 Affected: 2.3.3.5-AIRGAP Affected: 2.3.4.0-AIRGAP Affected: 2.3.4.3 Affected: 2.3.4.3-AIRGAP Affected: 2.3.3.6 Affected: 2.3.5.0 Affected: 2.3.3.6-AIRGAP Affected: 2.3.5.0-AIRGAP Affected: 2.3.3.6-AIRGAP-MDNAC Affected: 2.3.5.0-AIRGAP-MDNAC Affected: 2.3.3.7 Affected: 2.3.3.7-AIRGAP Affected: 2.3.3.7-AIRGAP-MDNAC Affected: 2.3.6.0 Affected: 2.3.3.6-70045-HF1 Affected: 2.3.3.7-72328-AIRGAP Affected: 2.3.3.7-72323 Affected: 2.3.3.7-72328-MDNAC Affected: 2.3.5.3 Affected: 2.3.5.3-AIRGAP-MDNAC Affected: 2.3.5.3-AIRGAP Affected: 2.3.6.0-AIRGAP Affected: 2.3.7.0 Affected: 2.3.7.0-AIRGAP Affected: 2.3.7.0-AIRGAP-MDNAC Affected: 2.3.7.0-VA Affected: 2.3.5.4 Affected: 2.3.5.4-AIRGAP Affected: 2.3.5.4-AIRGAP-MDNAC Affected: 2.3.7.3 Affected: 2.3.7.3-AIRGAP Affected: 2.3.7.3-AIRGAP-MDNAC Affected: 2.3.5.5-AIRGAP Affected: 2.3.5.5 Affected: 2.3.5.5-AIRGAP-MDNAC Affected: 2.3.7.4 Affected: 2.3.7.4-AIRGAP Affected: 2.3.7.4-AIRGAP-MDNAC Affected: 2.3.7.5-AIRGAP Affected: 2.3.7.5-VA Affected: 2.3.5.6-AIRGAP Affected: 2.3.5.6 Affected: 2.3.5.6-AIRGAP-MDNAC Affected: 1.0.0.0 Affected: 2.3.7.6-AIRGAP Affected: 2.3.7.6 Affected: 2.3.7.6-VA Affected: 2.3.5.5-70026-HF70 Affected: 2.3.5.5-70026-HF51 Affected: 2.3.5.6-70143-HF20 Affected: 2.3.7.6-AIRGAP-MDNAC Affected: 2.3.5.5-70026-HF52 Affected: 2.3.5.5-70026-HF53 Affected: 2.3.5.5-70026-HF71 Affected: 2.3.7.7 Affected: 2.3.7.7-VA Affected: 2.3.7.7-AIRGAP Affected: 2.3.7.7-AIRGAP-MDNAC Affected: 2.3.5.5-70026-HF72 Affected: 2.3.7.9-VA Affected: 2.3.7.9 Affected: 2.3.7.9-AIRGAP Affected: 2.3.7.9-AIRGAP-MDNAC Affected: 2.3.7.9-70301-GSMU10 Affected: 2.3.7.9-75403-SMU10 Affected: 2.3.7.9-75403-GSMU10 Affected: 2.3.7.9.75403.10-VA |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20355",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-13T16:47:11.902334Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-13T16:51:21.740Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Digital Network Architecture Center (DNA Center)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "1.4.0.0"
},
{
"status": "affected",
"version": "2.1.1.0"
},
{
"status": "affected",
"version": "2.1.1.3"
},
{
"status": "affected",
"version": "2.1.2.0"
},
{
"status": "affected",
"version": "2.1.2.3"
},
{
"status": "affected",
"version": "2.1.2.4"
},
{
"status": "affected",
"version": "2.1.2.5"
},
{
"status": "affected",
"version": "2.2.1.0"
},
{
"status": "affected",
"version": "2.1.2.6"
},
{
"status": "affected",
"version": "2.2.2.0"
},
{
"status": "affected",
"version": "2.2.2.1"
},
{
"status": "affected",
"version": "2.2.2.3"
},
{
"status": "affected",
"version": "2.1.2.7"
},
{
"status": "affected",
"version": "2.2.1.3"
},
{
"status": "affected",
"version": "2.2.3.0"
},
{
"status": "affected",
"version": "2.2.2.4"
},
{
"status": "affected",
"version": "2.2.2.5"
},
{
"status": "affected",
"version": "2.2.3.3"
},
{
"status": "affected",
"version": "2.2.2.7"
},
{
"status": "affected",
"version": "2.2.2.6"
},
{
"status": "affected",
"version": "2.2.2.8"
},
{
"status": "affected",
"version": "2.2.3.4"
},
{
"status": "affected",
"version": "2.1.2.8"
},
{
"status": "affected",
"version": "2.3.2.1"
},
{
"status": "affected",
"version": "2.3.2.1-AIRGAP"
},
{
"status": "affected",
"version": "2.3.2.1-AIRGAP-CA"
},
{
"status": "affected",
"version": "2.2.3.5"
},
{
"status": "affected",
"version": "2.3.3.0"
},
{
"status": "affected",
"version": "2.3.3.3"
},
{
"status": "affected",
"version": "2.3.3.1-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.1"
},
{
"status": "affected",
"version": "2.3.2.3"
},
{
"status": "affected",
"version": "2.3.3.3-AIRGAP"
},
{
"status": "affected",
"version": "2.2.3.6"
},
{
"status": "affected",
"version": "2.2.2.9"
},
{
"status": "affected",
"version": "2.3.3.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.3-AIRGAP-CA"
},
{
"status": "affected",
"version": "2.3.3.4"
},
{
"status": "affected",
"version": "2.3.3.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.3.4-HF1"
},
{
"status": "affected",
"version": "2.3.4.0"
},
{
"status": "affected",
"version": "2.3.3.5"
},
{
"status": "affected",
"version": "2.3.3.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.4.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.4.3"
},
{
"status": "affected",
"version": "2.3.4.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.6"
},
{
"status": "affected",
"version": "2.3.5.0"
},
{
"status": "affected",
"version": "2.3.3.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.0-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.3.7"
},
{
"status": "affected",
"version": "2.3.3.7-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.7-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.6.0"
},
{
"status": "affected",
"version": "2.3.3.6-70045-HF1"
},
{
"status": "affected",
"version": "2.3.3.7-72328-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.7-72323"
},
{
"status": "affected",
"version": "2.3.3.7-72328-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.3"
},
{
"status": "affected",
"version": "2.3.5.3-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.6.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.0"
},
{
"status": "affected",
"version": "2.3.7.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.0-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.0-VA"
},
{
"status": "affected",
"version": "2.3.5.4"
},
{
"status": "affected",
"version": "2.3.5.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.3"
},
{
"status": "affected",
"version": "2.3.7.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.3-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.5"
},
{
"status": "affected",
"version": "2.3.5.5-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.4"
},
{
"status": "affected",
"version": "2.3.7.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.5-VA"
},
{
"status": "affected",
"version": "2.3.5.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.6"
},
{
"status": "affected",
"version": "2.3.5.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "1.0.0.0"
},
{
"status": "affected",
"version": "2.3.7.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.6"
},
{
"status": "affected",
"version": "2.3.7.6-VA"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF70"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF51"
},
{
"status": "affected",
"version": "2.3.5.6-70143-HF20"
},
{
"status": "affected",
"version": "2.3.7.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF52"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF53"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF71"
},
{
"status": "affected",
"version": "2.3.7.7"
},
{
"status": "affected",
"version": "2.3.7.7-VA"
},
{
"status": "affected",
"version": "2.3.7.7-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.7-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF72"
},
{
"status": "affected",
"version": "2.3.7.9-VA"
},
{
"status": "affected",
"version": "2.3.7.9"
},
{
"status": "affected",
"version": "2.3.7.9-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.9-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.9-70301-GSMU10"
},
{
"status": "affected",
"version": "2.3.7.9-75403-SMU10"
},
{
"status": "affected",
"version": "2.3.7.9-75403-GSMU10"
},
{
"status": "affected",
"version": "2.3.7.9.75403.10-VA"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Catalyst Center Virtual Appliance could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.\r\n\r\nThis vulnerability is due to improper input validation of HTTP request parameters. An attacker could exploit this vulnerability by intercepting and modifying an HTTP request from a user. A successful exploit could allow the attacker to redirect the user to a malicious web page."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-13T16:27:42.125Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-catc-open-redirect-3W5Bk3Je",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catc-open-redirect-3W5Bk3Je"
}
],
"source": {
"advisory": "cisco-sa-catc-open-redirect-3W5Bk3Je",
"defects": [
"CSCwk40834"
],
"discovery": "INTERNAL"
},
"title": "Cisco Catalyst Center Software HTTP Open Redirect Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20355",
"datePublished": "2025-11-13T16:18:14.450Z",
"dateReserved": "2024-10-10T19:15:13.257Z",
"dateUpdated": "2025-11-13T16:51:21.740Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20353 (GCVE-0-2025-20353)
Vulnerability from cvelistv5 – Published: 2025-11-13 16:18 – Updated: 2025-11-13 17:11
VLAI?
Title
Cisco Catalyst Center Cross-Site Scripting Vulnerability
Summary
A vulnerability in the web-based management interface of Cisco Catalyst Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device.
This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of the web-based management interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
Severity ?
6.1 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Digital Network Architecture Center (DNA Center) |
Affected:
2.1.1.0
Affected: 2.1.1.3 Affected: 2.1.2.0 Affected: 2.1.2.3 Affected: 2.1.2.4 Affected: 2.1.2.5 Affected: 2.2.1.0 Affected: 2.1.2.6 Affected: 2.2.2.0 Affected: 2.2.2.1 Affected: 2.2.2.3 Affected: 2.1.2.7 Affected: 2.2.1.3 Affected: 2.2.3.0 Affected: 2.2.2.4 Affected: 2.2.2.5 Affected: 2.2.3.3 Affected: 2.2.2.7 Affected: 2.2.2.6 Affected: 2.2.2.8 Affected: 2.2.3.4 Affected: 2.1.2.8 Affected: 2.3.2.1 Affected: 2.3.2.1-AIRGAP Affected: 2.3.2.1-AIRGAP-CA Affected: 2.2.3.5 Affected: 2.3.3.0 Affected: 2.3.3.3 Affected: 2.3.3.1-AIRGAP Affected: 2.3.3.1 Affected: 2.3.2.3 Affected: 2.3.3.3-AIRGAP Affected: 2.2.3.6 Affected: 2.2.2.9 Affected: 2.3.3.0-AIRGAP Affected: 2.3.3.3-AIRGAP-CA Affected: 2.3.3.4 Affected: 2.3.3.4-AIRGAP Affected: 2.3.3.4-AIRGAP-MDNAC Affected: 2.3.3.4-HF1 Affected: 2.3.4.0 Affected: 2.3.3.5 Affected: 2.3.3.5-AIRGAP Affected: 2.3.4.0-AIRGAP Affected: 2.3.4.3 Affected: 2.3.4.3-AIRGAP Affected: 2.3.3.6 Affected: 2.3.5.0 Affected: 2.3.3.6-AIRGAP Affected: 2.3.5.0-AIRGAP Affected: 2.3.3.6-AIRGAP-MDNAC Affected: 2.3.5.0-AIRGAP-MDNAC Affected: 2.3.3.7 Affected: 2.3.3.7-AIRGAP Affected: 2.3.3.7-AIRGAP-MDNAC Affected: 2.3.6.0 Affected: 2.3.3.6-70045-HF1 Affected: 2.3.3.7-72328-AIRGAP Affected: 2.3.3.7-72323 Affected: 2.3.3.7-72328-MDNAC Affected: 2.3.5.3 Affected: 2.3.5.3-AIRGAP-MDNAC Affected: 2.3.5.3-AIRGAP Affected: 2.3.6.0-AIRGAP Affected: 2.3.7.0 Affected: 2.3.7.0-AIRGAP Affected: 2.3.7.0-AIRGAP-MDNAC Affected: 2.3.5.4 Affected: 2.3.5.4-AIRGAP Affected: 2.3.5.4-AIRGAP-MDNAC Affected: 2.3.7.3 Affected: 2.3.7.3-AIRGAP Affected: 2.3.7.3-AIRGAP-MDNAC Affected: 2.3.5.5-AIRGAP Affected: 2.3.5.5 Affected: 2.3.5.5-AIRGAP-MDNAC Affected: 2.3.7.4 Affected: 2.3.7.4-AIRGAP Affected: 2.3.7.4-AIRGAP-MDNAC Affected: 2.3.7.5-AIRGAP Affected: 2.3.5.6-AIRGAP Affected: 2.3.5.6 Affected: 2.3.5.6-AIRGAP-MDNAC Affected: 2.3.7.6-AIRGAP Affected: 2.3.7.6 Affected: 2.3.5.5-70026-HF70 Affected: 2.3.5.5-70026-HF51 Affected: 2.3.5.6-70143-HF20 Affected: 2.3.7.6-AIRGAP-MDNAC Affected: 2.3.5.5-70026-HF52 Affected: 2.3.5.5-70026-HF53 Affected: 2.3.5.5-70026-HF71 Affected: 2.3.7.7 Affected: 2.3.7.7-AIRGAP Affected: 2.3.7.7-AIRGAP-MDNAC Affected: 2.3.5.5-70026-HF72 Affected: 2.3.7.9 Affected: 2.3.7.9-AIRGAP Affected: 2.3.7.9-AIRGAP-MDNAC Affected: 2.3.7.9-70301-GSMU10 Affected: 2.3.7.9-70301-SMU1 Affected: 2.3.7.9-75403-SMU10 Affected: 2.3.7.9-75403-GSMU10 Affected: 2.3.5.3-EULA |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20353",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-13T17:11:03.069694Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-13T17:11:16.452Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Digital Network Architecture Center (DNA Center)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "2.1.1.0"
},
{
"status": "affected",
"version": "2.1.1.3"
},
{
"status": "affected",
"version": "2.1.2.0"
},
{
"status": "affected",
"version": "2.1.2.3"
},
{
"status": "affected",
"version": "2.1.2.4"
},
{
"status": "affected",
"version": "2.1.2.5"
},
{
"status": "affected",
"version": "2.2.1.0"
},
{
"status": "affected",
"version": "2.1.2.6"
},
{
"status": "affected",
"version": "2.2.2.0"
},
{
"status": "affected",
"version": "2.2.2.1"
},
{
"status": "affected",
"version": "2.2.2.3"
},
{
"status": "affected",
"version": "2.1.2.7"
},
{
"status": "affected",
"version": "2.2.1.3"
},
{
"status": "affected",
"version": "2.2.3.0"
},
{
"status": "affected",
"version": "2.2.2.4"
},
{
"status": "affected",
"version": "2.2.2.5"
},
{
"status": "affected",
"version": "2.2.3.3"
},
{
"status": "affected",
"version": "2.2.2.7"
},
{
"status": "affected",
"version": "2.2.2.6"
},
{
"status": "affected",
"version": "2.2.2.8"
},
{
"status": "affected",
"version": "2.2.3.4"
},
{
"status": "affected",
"version": "2.1.2.8"
},
{
"status": "affected",
"version": "2.3.2.1"
},
{
"status": "affected",
"version": "2.3.2.1-AIRGAP"
},
{
"status": "affected",
"version": "2.3.2.1-AIRGAP-CA"
},
{
"status": "affected",
"version": "2.2.3.5"
},
{
"status": "affected",
"version": "2.3.3.0"
},
{
"status": "affected",
"version": "2.3.3.3"
},
{
"status": "affected",
"version": "2.3.3.1-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.1"
},
{
"status": "affected",
"version": "2.3.2.3"
},
{
"status": "affected",
"version": "2.3.3.3-AIRGAP"
},
{
"status": "affected",
"version": "2.2.3.6"
},
{
"status": "affected",
"version": "2.2.2.9"
},
{
"status": "affected",
"version": "2.3.3.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.3-AIRGAP-CA"
},
{
"status": "affected",
"version": "2.3.3.4"
},
{
"status": "affected",
"version": "2.3.3.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.3.4-HF1"
},
{
"status": "affected",
"version": "2.3.4.0"
},
{
"status": "affected",
"version": "2.3.3.5"
},
{
"status": "affected",
"version": "2.3.3.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.4.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.4.3"
},
{
"status": "affected",
"version": "2.3.4.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.6"
},
{
"status": "affected",
"version": "2.3.5.0"
},
{
"status": "affected",
"version": "2.3.3.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.0-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.3.7"
},
{
"status": "affected",
"version": "2.3.3.7-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.7-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.6.0"
},
{
"status": "affected",
"version": "2.3.3.6-70045-HF1"
},
{
"status": "affected",
"version": "2.3.3.7-72328-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.7-72323"
},
{
"status": "affected",
"version": "2.3.3.7-72328-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.3"
},
{
"status": "affected",
"version": "2.3.5.3-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.6.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.0"
},
{
"status": "affected",
"version": "2.3.7.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.0-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.4"
},
{
"status": "affected",
"version": "2.3.5.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.3"
},
{
"status": "affected",
"version": "2.3.7.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.3-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.5"
},
{
"status": "affected",
"version": "2.3.5.5-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.4"
},
{
"status": "affected",
"version": "2.3.7.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.6"
},
{
"status": "affected",
"version": "2.3.5.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.6"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF70"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF51"
},
{
"status": "affected",
"version": "2.3.5.6-70143-HF20"
},
{
"status": "affected",
"version": "2.3.7.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF52"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF53"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF71"
},
{
"status": "affected",
"version": "2.3.7.7"
},
{
"status": "affected",
"version": "2.3.7.7-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.7-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF72"
},
{
"status": "affected",
"version": "2.3.7.9"
},
{
"status": "affected",
"version": "2.3.7.9-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.9-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.9-70301-GSMU10"
},
{
"status": "affected",
"version": "2.3.7.9-70301-SMU1"
},
{
"status": "affected",
"version": "2.3.7.9-75403-SMU10"
},
{
"status": "affected",
"version": "2.3.7.9-75403-GSMU10"
},
{
"status": "affected",
"version": "2.3.5.3-EULA"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Catalyst Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device.\r\n\r\nThis vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of the web-based management interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-13T16:27:42.137Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-dnac-xss-weXtVZ59",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-xss-weXtVZ59"
}
],
"source": {
"advisory": "cisco-sa-dnac-xss-weXtVZ59",
"defects": [
"CSCwn51440"
],
"discovery": "INTERNAL"
},
"title": "Cisco Catalyst Center Cross-Site Scripting Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20353",
"datePublished": "2025-11-13T16:18:12.708Z",
"dateReserved": "2024-10-10T19:15:13.257Z",
"dateUpdated": "2025-11-13T17:11:16.452Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20349 (GCVE-0-2025-20349)
Vulnerability from cvelistv5 – Published: 2025-11-13 16:18 – Updated: 2025-11-14 04:55
VLAI?
Title
Cisco DNA Center API Command Injection Vulnerability
Summary
A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote attacker to execute arbitrary commands in a restricted container as the root user.
This vulnerability is due to insufficient validation of user-supplied input in REST API request parameters. An attacker could exploit this vulnerability by sending a crafted API request to an affected device. A successful exploit could allow the attacker to inject arbitrary commands that would then be executed in a restricted container with root privileges. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Observer.
Severity ?
6.3 (Medium)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Digital Network Architecture Center (DNA Center) |
Affected:
1.4.0.0
Affected: 2.1.1.0 Affected: 2.1.1.3 Affected: 2.1.2.0 Affected: 2.1.2.3 Affected: 2.1.2.4 Affected: 2.1.2.5 Affected: 2.2.1.0 Affected: 2.1.2.6 Affected: 2.2.2.0 Affected: 2.2.2.1 Affected: 2.2.2.3 Affected: 2.1.2.7 Affected: 2.2.1.3 Affected: 2.2.3.0 Affected: 2.2.2.4 Affected: 2.2.2.5 Affected: 2.2.3.3 Affected: 2.2.2.7 Affected: 2.2.2.6 Affected: 2.2.2.8 Affected: 2.2.3.4 Affected: 2.1.2.8 Affected: 2.3.2.1 Affected: 2.3.2.1-AIRGAP Affected: 2.3.2.1-AIRGAP-CA Affected: 2.2.3.5 Affected: 2.3.3.0 Affected: 2.3.3.3 Affected: 2.3.3.1-AIRGAP Affected: 2.3.3.1 Affected: 2.3.2.3 Affected: 2.3.3.3-AIRGAP Affected: 2.2.3.6 Affected: 2.2.2.9 Affected: 2.3.3.0-AIRGAP Affected: 2.3.3.3-AIRGAP-CA Affected: 2.3.3.4 Affected: 2.3.3.4-AIRGAP Affected: 2.3.3.4-AIRGAP-MDNAC Affected: 2.3.3.4-HF1 Affected: 2.3.4.0 Affected: 2.3.3.5 Affected: 2.3.3.5-AIRGAP Affected: 2.3.4.0-AIRGAP Affected: 2.3.4.3 Affected: 2.3.4.3-AIRGAP Affected: 2.3.3.6 Affected: 2.3.5.0 Affected: 2.3.3.6-AIRGAP Affected: 2.3.5.0-AIRGAP Affected: 2.3.3.6-AIRGAP-MDNAC Affected: 2.3.5.0-AIRGAP-MDNAC Affected: 2.3.3.7 Affected: 2.3.3.7-AIRGAP Affected: 2.3.3.7-AIRGAP-MDNAC Affected: 2.3.6.0 Affected: 2.3.3.6-70045-HF1 Affected: 2.3.3.7-72328-AIRGAP Affected: 2.3.3.7-72323 Affected: 2.3.3.7-72328-MDNAC Affected: 2.3.5.3 Affected: 2.3.5.3-AIRGAP-MDNAC Affected: 2.3.5.3-AIRGAP Affected: 2.3.6.0-AIRGAP Affected: 2.3.7.0 Affected: 2.3.7.0-AIRGAP Affected: 2.3.7.0-AIRGAP-MDNAC Affected: 2.3.7.0-VA Affected: 2.3.5.4 Affected: 2.3.5.4-AIRGAP Affected: 2.3.5.4-AIRGAP-MDNAC Affected: 2.3.7.3 Affected: 2.3.7.3-AIRGAP Affected: 2.3.7.3-AIRGAP-MDNAC Affected: 2.3.5.5-AIRGAP Affected: 2.3.5.5 Affected: 2.3.5.5-AIRGAP-MDNAC Affected: 2.3.7.4 Affected: 2.3.7.4-AIRGAP Affected: 2.3.7.4-AIRGAP-MDNAC Affected: 2.3.7.5-AIRGAP Affected: 2.3.7.5-VA Affected: 2.3.5.6-AIRGAP Affected: 2.3.5.6 Affected: 2.3.5.6-AIRGAP-MDNAC Affected: 1.0.0.0 Affected: 2.3.7.6-AIRGAP Affected: 2.3.7.6 Affected: 2.3.7.6-VA Affected: 2.3.5.5-70026-HF70 Affected: 2.3.5.5-70026-HF51 Affected: 2.3.5.6-70143-HF20 Affected: 2.3.7.6-AIRGAP-MDNAC Affected: 2.3.5.5-70026-HF52 Affected: 2.3.5.5-70026-HF53 Affected: 2.3.5.5-70026-HF71 Affected: 2.3.7.7 Affected: 2.3.7.7-VA Affected: 2.3.7.7-AIRGAP Affected: 2.3.7.7-AIRGAP-MDNAC Affected: 2.3.5.5-70026-HF72 Affected: 2.3.7.9-VA Affected: 2.3.7.9 Affected: 2.3.7.9-AIRGAP Affected: 2.3.7.9-AIRGAP-MDNAC Affected: 2.3.7.9-70301-SMU1 Affected: 2.3.5.3-EULA Affected: 0.0.0.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20349",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-13T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-14T04:55:36.331Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Digital Network Architecture Center (DNA Center)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "1.4.0.0"
},
{
"status": "affected",
"version": "2.1.1.0"
},
{
"status": "affected",
"version": "2.1.1.3"
},
{
"status": "affected",
"version": "2.1.2.0"
},
{
"status": "affected",
"version": "2.1.2.3"
},
{
"status": "affected",
"version": "2.1.2.4"
},
{
"status": "affected",
"version": "2.1.2.5"
},
{
"status": "affected",
"version": "2.2.1.0"
},
{
"status": "affected",
"version": "2.1.2.6"
},
{
"status": "affected",
"version": "2.2.2.0"
},
{
"status": "affected",
"version": "2.2.2.1"
},
{
"status": "affected",
"version": "2.2.2.3"
},
{
"status": "affected",
"version": "2.1.2.7"
},
{
"status": "affected",
"version": "2.2.1.3"
},
{
"status": "affected",
"version": "2.2.3.0"
},
{
"status": "affected",
"version": "2.2.2.4"
},
{
"status": "affected",
"version": "2.2.2.5"
},
{
"status": "affected",
"version": "2.2.3.3"
},
{
"status": "affected",
"version": "2.2.2.7"
},
{
"status": "affected",
"version": "2.2.2.6"
},
{
"status": "affected",
"version": "2.2.2.8"
},
{
"status": "affected",
"version": "2.2.3.4"
},
{
"status": "affected",
"version": "2.1.2.8"
},
{
"status": "affected",
"version": "2.3.2.1"
},
{
"status": "affected",
"version": "2.3.2.1-AIRGAP"
},
{
"status": "affected",
"version": "2.3.2.1-AIRGAP-CA"
},
{
"status": "affected",
"version": "2.2.3.5"
},
{
"status": "affected",
"version": "2.3.3.0"
},
{
"status": "affected",
"version": "2.3.3.3"
},
{
"status": "affected",
"version": "2.3.3.1-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.1"
},
{
"status": "affected",
"version": "2.3.2.3"
},
{
"status": "affected",
"version": "2.3.3.3-AIRGAP"
},
{
"status": "affected",
"version": "2.2.3.6"
},
{
"status": "affected",
"version": "2.2.2.9"
},
{
"status": "affected",
"version": "2.3.3.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.3-AIRGAP-CA"
},
{
"status": "affected",
"version": "2.3.3.4"
},
{
"status": "affected",
"version": "2.3.3.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.3.4-HF1"
},
{
"status": "affected",
"version": "2.3.4.0"
},
{
"status": "affected",
"version": "2.3.3.5"
},
{
"status": "affected",
"version": "2.3.3.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.4.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.4.3"
},
{
"status": "affected",
"version": "2.3.4.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.6"
},
{
"status": "affected",
"version": "2.3.5.0"
},
{
"status": "affected",
"version": "2.3.3.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.0-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.3.7"
},
{
"status": "affected",
"version": "2.3.3.7-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.7-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.6.0"
},
{
"status": "affected",
"version": "2.3.3.6-70045-HF1"
},
{
"status": "affected",
"version": "2.3.3.7-72328-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.7-72323"
},
{
"status": "affected",
"version": "2.3.3.7-72328-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.3"
},
{
"status": "affected",
"version": "2.3.5.3-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.6.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.0"
},
{
"status": "affected",
"version": "2.3.7.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.0-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.0-VA"
},
{
"status": "affected",
"version": "2.3.5.4"
},
{
"status": "affected",
"version": "2.3.5.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.3"
},
{
"status": "affected",
"version": "2.3.7.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.3-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.5"
},
{
"status": "affected",
"version": "2.3.5.5-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.4"
},
{
"status": "affected",
"version": "2.3.7.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.5-VA"
},
{
"status": "affected",
"version": "2.3.5.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.6"
},
{
"status": "affected",
"version": "2.3.5.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "1.0.0.0"
},
{
"status": "affected",
"version": "2.3.7.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.6"
},
{
"status": "affected",
"version": "2.3.7.6-VA"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF70"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF51"
},
{
"status": "affected",
"version": "2.3.5.6-70143-HF20"
},
{
"status": "affected",
"version": "2.3.7.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF52"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF53"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF71"
},
{
"status": "affected",
"version": "2.3.7.7"
},
{
"status": "affected",
"version": "2.3.7.7-VA"
},
{
"status": "affected",
"version": "2.3.7.7-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.7-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF72"
},
{
"status": "affected",
"version": "2.3.7.9-VA"
},
{
"status": "affected",
"version": "2.3.7.9"
},
{
"status": "affected",
"version": "2.3.7.9-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.9-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.9-70301-SMU1"
},
{
"status": "affected",
"version": "2.3.5.3-EULA"
},
{
"status": "affected",
"version": "0.0.0.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote attacker to execute arbitrary commands in a restricted container as the root user.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input in REST API request parameters. An attacker could exploit this vulnerability by sending a crafted API request to an affected device. A successful exploit could allow the attacker to inject arbitrary commands that would then be executed in a restricted container with root privileges. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Observer."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-13T16:27:31.359Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-dnac-ci-ZWLQVSwT",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-ci-ZWLQVSwT"
}
],
"source": {
"advisory": "cisco-sa-dnac-ci-ZWLQVSwT",
"defects": [
"CSCwo77762"
],
"discovery": "INTERNAL"
},
"title": "Cisco DNA Center API Command Injection Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20349",
"datePublished": "2025-11-13T16:18:03.689Z",
"dateReserved": "2024-10-10T19:15:13.257Z",
"dateUpdated": "2025-11-14T04:55:36.331Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20341 (GCVE-0-2025-20341)
Vulnerability from cvelistv5 – Published: 2025-11-13 16:18 – Updated: 2025-11-14 04:55
VLAI?
Title
Cisco Catalyst Center Privilege Escalation Vulnerability
Summary
A vulnerability in Cisco Catalyst Center Virtual Appliance could allow an authenticated, remote attacker to elevate privileges to Administrator on an affected system.
This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted HTTP request to an affected system. A successful exploit could allow the attacker to perform unauthorized modifications to the system, including creating new user accounts or elevating their own privileges on an affected system. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Observer.
Severity ?
8.8 (High)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Digital Network Architecture Center (DNA Center) |
Affected:
2.3.7.5-VA
Affected: 2.3.7.6-VA Affected: 2.3.7.7-VA Affected: 2.3.7.9-VA Affected: 2.3.7.9.75403.10-VA |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20341",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-13T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-14T04:55:35.637Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Digital Network Architecture Center (DNA Center)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "2.3.7.5-VA"
},
{
"status": "affected",
"version": "2.3.7.6-VA"
},
{
"status": "affected",
"version": "2.3.7.7-VA"
},
{
"status": "affected",
"version": "2.3.7.9-VA"
},
{
"status": "affected",
"version": "2.3.7.9.75403.10-VA"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Catalyst Center Virtual Appliance could allow an authenticated, remote attacker to elevate privileges to Administrator on an affected system.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted HTTP request to an affected system. A successful exploit could allow the attacker to perform unauthorized modifications to the system, including creating new user accounts or elevating their own privileges on an affected system. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Observer."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Control",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-13T16:27:30.810Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-catc-priv-esc-VS8EeCuX",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catc-priv-esc-VS8EeCuX"
}
],
"source": {
"advisory": "cisco-sa-catc-priv-esc-VS8EeCuX",
"defects": [
"CSCwo97875"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Catalyst Center Privilege Escalation Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20341",
"datePublished": "2025-11-13T16:18:03.687Z",
"dateReserved": "2024-10-10T19:15:13.255Z",
"dateUpdated": "2025-11-14T04:55:35.637Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20304 (GCVE-0-2025-20304)
Vulnerability from cvelistv5 – Published: 2025-11-05 16:33 – Updated: 2025-12-04 20:41
VLAI?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to conduct a reflected XSS attack against a user of the interface.
These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have at least a low-privileged account on the affected device.
Severity ?
5.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Identity Services Engine Software |
Affected:
3.1.0
Affected: 3.1.0 p1 Affected: 3.1.0 p3 Affected: 3.1.0 p2 Affected: 3.1.0 p4 Affected: 3.1.0 p5 Affected: 3.1.0 p6 Affected: 3.1.0 p7 Affected: 3.1.0 p8 Affected: 3.1.0 p9 Affected: 3.1.0 p10 Affected: 3.2.0 Affected: 3.2.0 p1 Affected: 3.2.0 p2 Affected: 3.2.0 p3 Affected: 3.2.0 p4 Affected: 3.2.0 p5 Affected: 3.2.0 p6 Affected: 3.2.0 p7 Affected: 3.3.0 Affected: 3.3 Patch 2 Affected: 3.3 Patch 1 Affected: 3.3 Patch 3 Affected: 3.3 Patch 4 Affected: 3.3 Patch 5 Affected: 3.3 Patch 6 Affected: 3.3 Patch 7 Affected: 3.4.0 Affected: 3.4 Patch 1 Affected: 3.4 Patch 2 Affected: 3.4 Patch 3 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20304",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-05T20:19:56.586902Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T20:20:07.804Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Identity Services Engine Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.0 p1"
},
{
"status": "affected",
"version": "3.1.0 p3"
},
{
"status": "affected",
"version": "3.1.0 p2"
},
{
"status": "affected",
"version": "3.1.0 p4"
},
{
"status": "affected",
"version": "3.1.0 p5"
},
{
"status": "affected",
"version": "3.1.0 p6"
},
{
"status": "affected",
"version": "3.1.0 p7"
},
{
"status": "affected",
"version": "3.1.0 p8"
},
{
"status": "affected",
"version": "3.1.0 p9"
},
{
"status": "affected",
"version": "3.1.0 p10"
},
{
"status": "affected",
"version": "3.2.0"
},
{
"status": "affected",
"version": "3.2.0 p1"
},
{
"status": "affected",
"version": "3.2.0 p2"
},
{
"status": "affected",
"version": "3.2.0 p3"
},
{
"status": "affected",
"version": "3.2.0 p4"
},
{
"status": "affected",
"version": "3.2.0 p5"
},
{
"status": "affected",
"version": "3.2.0 p6"
},
{
"status": "affected",
"version": "3.2.0 p7"
},
{
"status": "affected",
"version": "3.3.0"
},
{
"status": "affected",
"version": "3.3 Patch 2"
},
{
"status": "affected",
"version": "3.3 Patch 1"
},
{
"status": "affected",
"version": "3.3 Patch 3"
},
{
"status": "affected",
"version": "3.3 Patch 4"
},
{
"status": "affected",
"version": "3.3 Patch 5"
},
{
"status": "affected",
"version": "3.3 Patch 6"
},
{
"status": "affected",
"version": "3.3 Patch 7"
},
{
"status": "affected",
"version": "3.4.0"
},
{
"status": "affected",
"version": "3.4 Patch 1"
},
{
"status": "affected",
"version": "3.4 Patch 2"
},
{
"status": "affected",
"version": "3.4 Patch 3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the web-based management interface of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to conduct a reflected XSS attack against a user of the interface.\r\n\r These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have at least a low-privileged account on the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-04T20:41:09.536Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ise-multiple-vulns-O9BESWJH",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multiple-vulns-O9BESWJH"
}
],
"source": {
"advisory": "cisco-sa-ise-multiple-vulns-O9BESWJH",
"defects": [
"CSCwo37216"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20304",
"datePublished": "2025-11-05T16:33:27.573Z",
"dateReserved": "2024-10-10T19:15:13.252Z",
"dateUpdated": "2025-12-04T20:41:09.536Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20305 (GCVE-0-2025-20305)
Vulnerability from cvelistv5 – Published: 2025-11-05 16:32 – Updated: 2025-12-04 20:41
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to obtain sensitive information from an affected device.
This vulnerability exists because certain files lack proper data protection mechanisms. An attacker with read-only Administrator privileges could exploit this vulnerability by performing actions where the results should only be viewable to a high-privileged user. A successful exploit could allow the attacker to view passwords that are normally not visible to read-only administrators.
Severity ?
4.3 (Medium)
CWE
- CWE-1220 - Insufficient Granularity of Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Identity Services Engine Software |
Affected:
3.1.0
Affected: 3.1.0 p1 Affected: 3.1.0 p3 Affected: 3.1.0 p2 Affected: 3.1.0 p4 Affected: 3.1.0 p5 Affected: 3.1.0 p6 Affected: 3.1.0 p7 Affected: 3.1.0 p8 Affected: 3.1.0 p9 Affected: 3.1.0 p10 Affected: 3.2.0 Affected: 3.2.0 p1 Affected: 3.2.0 p2 Affected: 3.2.0 p3 Affected: 3.2.0 p4 Affected: 3.2.0 p5 Affected: 3.2.0 p6 Affected: 3.2.0 p7 Affected: 3.3.0 Affected: 3.3 Patch 2 Affected: 3.3 Patch 1 Affected: 3.3 Patch 3 Affected: 3.3 Patch 4 Affected: 3.3 Patch 5 Affected: 3.3 Patch 6 Affected: 3.3 Patch 7 Affected: 3.4.0 Affected: 3.4 Patch 1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20305",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-05T20:19:22.682276Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T20:19:33.833Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Identity Services Engine Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.0 p1"
},
{
"status": "affected",
"version": "3.1.0 p3"
},
{
"status": "affected",
"version": "3.1.0 p2"
},
{
"status": "affected",
"version": "3.1.0 p4"
},
{
"status": "affected",
"version": "3.1.0 p5"
},
{
"status": "affected",
"version": "3.1.0 p6"
},
{
"status": "affected",
"version": "3.1.0 p7"
},
{
"status": "affected",
"version": "3.1.0 p8"
},
{
"status": "affected",
"version": "3.1.0 p9"
},
{
"status": "affected",
"version": "3.1.0 p10"
},
{
"status": "affected",
"version": "3.2.0"
},
{
"status": "affected",
"version": "3.2.0 p1"
},
{
"status": "affected",
"version": "3.2.0 p2"
},
{
"status": "affected",
"version": "3.2.0 p3"
},
{
"status": "affected",
"version": "3.2.0 p4"
},
{
"status": "affected",
"version": "3.2.0 p5"
},
{
"status": "affected",
"version": "3.2.0 p6"
},
{
"status": "affected",
"version": "3.2.0 p7"
},
{
"status": "affected",
"version": "3.3.0"
},
{
"status": "affected",
"version": "3.3 Patch 2"
},
{
"status": "affected",
"version": "3.3 Patch 1"
},
{
"status": "affected",
"version": "3.3 Patch 3"
},
{
"status": "affected",
"version": "3.3 Patch 4"
},
{
"status": "affected",
"version": "3.3 Patch 5"
},
{
"status": "affected",
"version": "3.3 Patch 6"
},
{
"status": "affected",
"version": "3.3 Patch 7"
},
{
"status": "affected",
"version": "3.4.0"
},
{
"status": "affected",
"version": "3.4 Patch 1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to obtain sensitive information from an affected device.\r\n\r This vulnerability exists because certain files lack proper data protection mechanisms. An attacker with read-only Administrator privileges could exploit this vulnerability by performing actions where the results should only be viewable to a high-privileged user. A successful exploit could allow the attacker to view passwords that are normally not visible to read-only administrators."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1220",
"description": "Insufficient Granularity of Access Control",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-04T20:41:27.628Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ise-multiple-vulns-O9BESWJH",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multiple-vulns-O9BESWJH"
}
],
"source": {
"advisory": "cisco-sa-ise-multiple-vulns-O9BESWJH",
"defects": [
"CSCwo37181"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20305",
"datePublished": "2025-11-05T16:32:52.800Z",
"dateReserved": "2024-10-10T19:15:13.252Z",
"dateUpdated": "2025-12-04T20:41:27.628Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20289 (GCVE-0-2025-20289)
Vulnerability from cvelistv5 – Published: 2025-11-05 16:32 – Updated: 2025-12-04 20:41
VLAI?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to conduct a reflected XSS attack against a user of the interface.
These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have at least a low-privileged account on the affected device.
Severity ?
4.8 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Identity Services Engine Software |
Affected:
3.1.0
Affected: 3.1.0 p1 Affected: 3.1.0 p3 Affected: 3.1.0 p2 Affected: 3.1.0 p4 Affected: 3.1.0 p5 Affected: 3.1.0 p6 Affected: 3.1.0 p7 Affected: 3.1.0 p8 Affected: 3.1.0 p9 Affected: 3.1.0 p10 Affected: 3.2.0 Affected: 3.2.0 p1 Affected: 3.2.0 p2 Affected: 3.2.0 p3 Affected: 3.2.0 p4 Affected: 3.2.0 p5 Affected: 3.2.0 p6 Affected: 3.2.0 p7 Affected: 3.3.0 Affected: 3.3 Patch 2 Affected: 3.3 Patch 1 Affected: 3.3 Patch 3 Affected: 3.3 Patch 4 Affected: 3.3 Patch 5 Affected: 3.3 Patch 6 Affected: 3.3 Patch 7 Affected: 3.4.0 Affected: 3.4 Patch 1 Affected: 3.4 Patch 2 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20289",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-05T20:18:21.471725Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T20:18:33.404Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Identity Services Engine Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.0 p1"
},
{
"status": "affected",
"version": "3.1.0 p3"
},
{
"status": "affected",
"version": "3.1.0 p2"
},
{
"status": "affected",
"version": "3.1.0 p4"
},
{
"status": "affected",
"version": "3.1.0 p5"
},
{
"status": "affected",
"version": "3.1.0 p6"
},
{
"status": "affected",
"version": "3.1.0 p7"
},
{
"status": "affected",
"version": "3.1.0 p8"
},
{
"status": "affected",
"version": "3.1.0 p9"
},
{
"status": "affected",
"version": "3.1.0 p10"
},
{
"status": "affected",
"version": "3.2.0"
},
{
"status": "affected",
"version": "3.2.0 p1"
},
{
"status": "affected",
"version": "3.2.0 p2"
},
{
"status": "affected",
"version": "3.2.0 p3"
},
{
"status": "affected",
"version": "3.2.0 p4"
},
{
"status": "affected",
"version": "3.2.0 p5"
},
{
"status": "affected",
"version": "3.2.0 p6"
},
{
"status": "affected",
"version": "3.2.0 p7"
},
{
"status": "affected",
"version": "3.3.0"
},
{
"status": "affected",
"version": "3.3 Patch 2"
},
{
"status": "affected",
"version": "3.3 Patch 1"
},
{
"status": "affected",
"version": "3.3 Patch 3"
},
{
"status": "affected",
"version": "3.3 Patch 4"
},
{
"status": "affected",
"version": "3.3 Patch 5"
},
{
"status": "affected",
"version": "3.3 Patch 6"
},
{
"status": "affected",
"version": "3.3 Patch 7"
},
{
"status": "affected",
"version": "3.4.0"
},
{
"status": "affected",
"version": "3.4 Patch 1"
},
{
"status": "affected",
"version": "3.4 Patch 2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the web-based management interface of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to conduct a reflected XSS attack against a user of the interface.\r\n\r These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have at least a low-privileged account on the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-04T20:41:58.362Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ise-multiple-vulns-O9BESWJH",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multiple-vulns-O9BESWJH"
}
],
"source": {
"advisory": "cisco-sa-ise-multiple-vulns-O9BESWJH",
"defects": [
"CSCwo37212"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20289",
"datePublished": "2025-11-05T16:32:28.860Z",
"dateReserved": "2024-10-10T19:15:13.251Z",
"dateUpdated": "2025-12-04T20:41:58.362Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20303 (GCVE-0-2025-20303)
Vulnerability from cvelistv5 – Published: 2025-11-05 16:32 – Updated: 2025-12-04 20:41
VLAI?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to conduct a reflected XSS attack against a user of the interface.
These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have at least a low-privileged account on the affected device.
Severity ?
5.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Identity Services Engine Software |
Affected:
3.1.0
Affected: 3.1.0 p1 Affected: 3.1.0 p3 Affected: 3.1.0 p2 Affected: 3.1.0 p4 Affected: 3.1.0 p5 Affected: 3.1.0 p6 Affected: 3.1.0 p7 Affected: 3.1.0 p8 Affected: 3.1.0 p9 Affected: 3.1.0 p10 Affected: 3.2.0 Affected: 3.2.0 p1 Affected: 3.2.0 p2 Affected: 3.2.0 p3 Affected: 3.2.0 p4 Affected: 3.2.0 p5 Affected: 3.2.0 p6 Affected: 3.2.0 p7 Affected: 3.3.0 Affected: 3.3 Patch 2 Affected: 3.3 Patch 1 Affected: 3.3 Patch 3 Affected: 3.3 Patch 4 Affected: 3.3 Patch 5 Affected: 3.3 Patch 6 Affected: 3.3 Patch 7 Affected: 3.4.0 Affected: 3.4 Patch 1 Affected: 3.4 Patch 2 Affected: 3.4 Patch 3 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20303",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-05T20:16:57.119152Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T20:17:21.630Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Identity Services Engine Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.1.0"
},
{
"status": "affected",
"version": "3.1.0 p1"
},
{
"status": "affected",
"version": "3.1.0 p3"
},
{
"status": "affected",
"version": "3.1.0 p2"
},
{
"status": "affected",
"version": "3.1.0 p4"
},
{
"status": "affected",
"version": "3.1.0 p5"
},
{
"status": "affected",
"version": "3.1.0 p6"
},
{
"status": "affected",
"version": "3.1.0 p7"
},
{
"status": "affected",
"version": "3.1.0 p8"
},
{
"status": "affected",
"version": "3.1.0 p9"
},
{
"status": "affected",
"version": "3.1.0 p10"
},
{
"status": "affected",
"version": "3.2.0"
},
{
"status": "affected",
"version": "3.2.0 p1"
},
{
"status": "affected",
"version": "3.2.0 p2"
},
{
"status": "affected",
"version": "3.2.0 p3"
},
{
"status": "affected",
"version": "3.2.0 p4"
},
{
"status": "affected",
"version": "3.2.0 p5"
},
{
"status": "affected",
"version": "3.2.0 p6"
},
{
"status": "affected",
"version": "3.2.0 p7"
},
{
"status": "affected",
"version": "3.3.0"
},
{
"status": "affected",
"version": "3.3 Patch 2"
},
{
"status": "affected",
"version": "3.3 Patch 1"
},
{
"status": "affected",
"version": "3.3 Patch 3"
},
{
"status": "affected",
"version": "3.3 Patch 4"
},
{
"status": "affected",
"version": "3.3 Patch 5"
},
{
"status": "affected",
"version": "3.3 Patch 6"
},
{
"status": "affected",
"version": "3.3 Patch 7"
},
{
"status": "affected",
"version": "3.4.0"
},
{
"status": "affected",
"version": "3.4 Patch 1"
},
{
"status": "affected",
"version": "3.4 Patch 2"
},
{
"status": "affected",
"version": "3.4 Patch 3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the web-based management interface of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to conduct a reflected XSS attack against a user of the interface.\r\n\r These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have at least a low-privileged account on the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-04T20:41:38.708Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ise-multiple-vulns-O9BESWJH",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multiple-vulns-O9BESWJH"
}
],
"source": {
"advisory": "cisco-sa-ise-multiple-vulns-O9BESWJH",
"defects": [
"CSCwo37218"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20303",
"datePublished": "2025-11-05T16:32:02.482Z",
"dateReserved": "2024-10-10T19:15:13.252Z",
"dateUpdated": "2025-12-04T20:41:38.708Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20377 (GCVE-0-2025-20377)
Vulnerability from cvelistv5 – Published: 2025-11-05 16:31 – Updated: 2025-11-21 14:23
VLAI?
Title
Cisco Unified Intelligence Center API Information Disclosure Vulnerability
Summary
A vulnerability in the API subsystem of Cisco Unified Intelligence Center could allow an authenticated, remote attacker to obtain sensitive information from an affected system.
This vulnerability is due to improper validation of requests to certain API endpoints. An attacker could exploit this vulnerability by sending a valid request to a specific API endpoint within the affected system. A successful exploit could allow a low-privileged user to view sensitive information on the affected system that should be restricted. To exploit this vulnerability, the attacker must have valid user credentials on the affected system.
Severity ?
4.3 (Medium)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Packaged Contact Center Enterprise |
Affected:
12.5(1)
Affected: 11.0(1) Affected: 12.0(1) Affected: 11.0(2) Affected: 11.5(1) Affected: 10.5(1) Affected: 10.5(2) Affected: 11.6(2) Affected: 10.5(1)_ES7 Affected: 11.6(1) Affected: 10.5(2)_ES8 Affected: 12.6(1) Affected: 12.5(2) Affected: 12.6(2) Affected: 15.0(1) |
|||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20377",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-05T20:13:55.442333Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T20:14:05.911Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Packaged Contact Center Enterprise",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "11.0(2)"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "10.5(2)"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "10.5(1)_ES7"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.5(2)_ES8"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.5(2)"
},
{
"status": "affected",
"version": "12.6(2)"
},
{
"status": "affected",
"version": "15.0(1)"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Enterprise",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.6(1)ES3"
},
{
"status": "affected",
"version": "12.6(1)ES1"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.6(1)ES2"
},
{
"status": "affected",
"version": "12.6(1)SecurityPatch"
},
{
"status": "affected",
"version": "12.5(1)ES1"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.6(1)ES4"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "10.5"
},
{
"status": "affected",
"version": "11.0"
},
{
"status": "affected",
"version": "11.5"
},
{
"status": "affected",
"version": "12.6(2)"
},
{
"status": "affected",
"version": "12.6(2)ES1"
},
{
"status": "affected",
"version": "12.6(2)ES2"
},
{
"status": "affected",
"version": "15.0(1)"
},
{
"status": "affected",
"version": "12.6(2)ES3"
},
{
"status": "affected",
"version": "15.0(1)ET01"
},
{
"status": "affected",
"version": "15.0(1)_SP1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES04"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES05"
},
{
"status": "affected",
"version": "UCCX 15.0.1"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES06"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Intelligence Center",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "11.0(2)"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.5(1)SU"
},
{
"status": "affected",
"version": "12.6(1)_ET"
},
{
"status": "affected",
"version": "12.6(1)_ES05_ET"
},
{
"status": "affected",
"version": "11.0(3)"
},
{
"status": "affected",
"version": "12.6(2)"
},
{
"status": "affected",
"version": "12.6(2)_504_Issue_ET"
},
{
"status": "affected",
"version": "12.6.1_ExcelIssue_ET"
},
{
"status": "affected",
"version": "12.6(2)_Permalink_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwk19536_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwm96922_ET"
},
{
"status": "affected",
"version": "12.6.2_Amq_OOS_ET"
},
{
"status": "affected",
"version": "12.5(2)ET_CSCwi79933"
},
{
"status": "affected",
"version": "12.6(2)_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwn48501_ET"
},
{
"status": "affected",
"version": "15.0(1)"
},
{
"status": "affected",
"version": "12.6.2_CSCwp61293_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwp92614_ET"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the API subsystem of Cisco Unified Intelligence Center could allow an authenticated, remote attacker to obtain sensitive information from an affected system.\r\n\r\nThis vulnerability is due to improper validation of requests to certain API endpoints. An attacker could exploit this vulnerability by sending a valid request to a specific API endpoint within the affected system. A successful exploit could allow a low-privileged user to view sensitive information on the affected system that should be restricted. To exploit this vulnerability, the attacker must have valid user credentials on the affected system."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-21T14:23:13.993Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cc-mult-vuln-gK4TFXSn",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cc-mult-vuln-gK4TFXSn"
}
],
"source": {
"advisory": "cisco-sa-cc-mult-vuln-gK4TFXSn",
"defects": [
"CSCwo38545"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Unified Intelligence Center API Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20377",
"datePublished": "2025-11-05T16:31:52.595Z",
"dateReserved": "2024-10-10T19:15:13.263Z",
"dateUpdated": "2025-11-21T14:23:13.993Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20375 (GCVE-0-2025-20375)
Vulnerability from cvelistv5 – Published: 2025-11-05 16:31 – Updated: 2025-11-06 04:55
VLAI?
Title
Cisco Unified Contact Center Express Arbitrary File Upload Vulnerability
Summary
A vulnerability in the web UI of Cisco Unified CCX could allow an authenticated, remote attacker to upload and execute arbitrary files.
This vulnerability is due to an insufficient input validation associated to specific UI features. An attacker could exploit this vulnerability by uploading a crafted file to the web UI. A successful exploit could allow the attacker to upload arbitrary files to a vulnerable system and execute them, gaining access to the underlying operating system. To exploit this vulnerability, the attacker must have valid administrative credentials.
Severity ?
6.5 (Medium)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Unified Contact Center Express |
Affected:
10.5(1)SU1
Affected: 10.6(1) Affected: 11.6(1) Affected: 10.6(1)SU1 Affected: 10.6(1)SU3 Affected: 11.6(2) Affected: 12.0(1) Affected: 11.0(1)SU1 Affected: 11.5(1)SU1 Affected: 10.5(1) Affected: 12.5(1) Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 Affected: 12.5(1)SU3 Affected: 12.5(1)_SU03_ES01 Affected: 12.5(1)_SU03_ES02 Affected: 12.5(1)_SU02_ES03 Affected: 12.5(1)_SU02_ES04 Affected: 12.5(1)_SU02_ES02 Affected: 12.5(1)_SU01_ES02 Affected: 12.5(1)_SU01_ES03 Affected: 12.5(1)_SU02_ES01 Affected: 11.6(2)ES07 Affected: 11.6(2)ES08 Affected: 12.5(1)_SU01_ES01 Affected: 12.0(1)ES04 Affected: 12.5(1)ES02 Affected: 12.5(1)ES03 Affected: 11.6(2)ES06 Affected: 12.5(1)ES01 Affected: 12.0(1)ES03 Affected: 12.0(1)ES01 Affected: 11.6(2)ES05 Affected: 12.0(1)ES02 Affected: 11.6(2)ES04 Affected: 11.6(2)ES03 Affected: 11.6(2)ES02 Affected: 11.6(2)ES01 Affected: 10.6(1)SU3ES03 Affected: 11.0(1)SU1ES03 Affected: 10.6(1)SU3ES01 Affected: 10.5(1)SU1ES10 Affected: 11.5(1)SU1ES03 Affected: 11.6(1)ES02 Affected: 11.5(1)ES01 Affected: 10.6(1)SU2 Affected: 10.6(1)SU2ES04 Affected: 11.6(1)ES01 Affected: 10.6(1)SU3ES02 Affected: 11.5(1)SU1ES02 Affected: 11.5(1)SU1ES01 Affected: 11.0(1)SU1ES02 Affected: 12.5(1)_SU03_ES03 Affected: 12.5(1)_SU03_ES04 Affected: 12.5(1)_SU03_ES05 Affected: UCCX 15.0.1 Affected: 12.5(1)_SU03_ES06 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20375",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-05T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-06T04:55:45.946Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES04"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES05"
},
{
"status": "affected",
"version": "UCCX 15.0.1"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES06"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web UI of Cisco Unified CCX could allow an authenticated, remote attacker to upload and execute arbitrary files.\r\n\r\nThis vulnerability is due to an insufficient input validation associated to specific UI features. An attacker could exploit this vulnerability by uploading a crafted file to the web UI. A successful exploit could allow the attacker to upload arbitrary files to a vulnerable system and execute them, gaining access to the underlying operating system. To exploit this vulnerability, the attacker must have valid administrative credentials."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T16:31:43.035Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cc-mult-vuln-gK4TFXSn",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cc-mult-vuln-gK4TFXSn"
}
],
"source": {
"advisory": "cisco-sa-cc-mult-vuln-gK4TFXSn",
"defects": [
"CSCwq36645"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Unified Contact Center Express Arbitrary File Upload Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20375",
"datePublished": "2025-11-05T16:31:43.035Z",
"dateReserved": "2024-10-10T19:15:13.262Z",
"dateUpdated": "2025-11-06T04:55:45.946Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20376 (GCVE-0-2025-20376)
Vulnerability from cvelistv5 – Published: 2025-11-05 16:31 – Updated: 2025-11-06 04:55
VLAI?
Title
Cisco Unified Contact Center Express Remote Code Execution Vulnerability
Summary
A vulnerability in the web UI of Cisco Unified CCX could allow an authenticated, remote attacker to upload and execute arbitrary files.
This vulnerability is due to an insufficient input validation associated to file upload mechanisms. An attacker could exploit this vulnerability by uploading a malicious file to the web UI and executing it. A successful exploit could allow the attacker to execute arbitrary commands on the underlying system and elevate privileges to root. To exploit this vulnerability, the attacker must have valid administrative credentials.
Severity ?
6.5 (Medium)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Unified Contact Center Express |
Affected:
10.5(1)SU1
Affected: 10.6(1) Affected: 11.6(1) Affected: 10.6(1)SU1 Affected: 10.6(1)SU3 Affected: 11.6(2) Affected: 12.0(1) Affected: 11.0(1)SU1 Affected: 11.5(1)SU1 Affected: 10.5(1) Affected: 12.5(1) Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 Affected: 12.5(1)SU3 Affected: 12.5(1)_SU03_ES01 Affected: 12.5(1)_SU03_ES02 Affected: 12.5(1)_SU02_ES03 Affected: 12.5(1)_SU02_ES04 Affected: 12.5(1)_SU02_ES02 Affected: 12.5(1)_SU01_ES02 Affected: 12.5(1)_SU01_ES03 Affected: 12.5(1)_SU02_ES01 Affected: 11.6(2)ES07 Affected: 11.6(2)ES08 Affected: 12.5(1)_SU01_ES01 Affected: 12.0(1)ES04 Affected: 12.5(1)ES02 Affected: 12.5(1)ES03 Affected: 11.6(2)ES06 Affected: 12.5(1)ES01 Affected: 12.0(1)ES03 Affected: 12.0(1)ES01 Affected: 11.6(2)ES05 Affected: 12.0(1)ES02 Affected: 11.6(2)ES04 Affected: 11.6(2)ES03 Affected: 11.6(2)ES02 Affected: 11.6(2)ES01 Affected: 10.6(1)SU3ES03 Affected: 11.0(1)SU1ES03 Affected: 10.6(1)SU3ES01 Affected: 10.5(1)SU1ES10 Affected: 11.5(1)SU1ES03 Affected: 11.6(1)ES02 Affected: 11.5(1)ES01 Affected: 10.6(1)SU2 Affected: 10.6(1)SU2ES04 Affected: 11.6(1)ES01 Affected: 10.6(1)SU3ES02 Affected: 11.5(1)SU1ES02 Affected: 11.5(1)SU1ES01 Affected: 11.0(1)SU1ES02 Affected: 12.5(1)_SU03_ES03 Affected: 12.5(1)_SU03_ES04 Affected: 12.5(1)_SU03_ES05 Affected: UCCX 15.0.1 Affected: 12.5(1)_SU03_ES06 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20376",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-05T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-06T04:55:44.673Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES04"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES05"
},
{
"status": "affected",
"version": "UCCX 15.0.1"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES06"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web UI of Cisco Unified CCX could allow an authenticated, remote attacker to upload and execute arbitrary files.\r\n\r\nThis vulnerability is due to an insufficient input validation associated to file upload mechanisms. An attacker could exploit this vulnerability by uploading a malicious file to the web UI and executing it. A successful exploit could allow the attacker to execute arbitrary commands on the underlying system and elevate privileges to root. To exploit this vulnerability, the attacker must have valid administrative credentials."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T16:31:38.793Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cc-mult-vuln-gK4TFXSn",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cc-mult-vuln-gK4TFXSn"
}
],
"source": {
"advisory": "cisco-sa-cc-mult-vuln-gK4TFXSn",
"defects": [
"CSCwq36567"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Unified Contact Center Express Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20376",
"datePublished": "2025-11-05T16:31:38.793Z",
"dateReserved": "2024-10-10T19:15:13.262Z",
"dateUpdated": "2025-11-06T04:55:44.673Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20358 (GCVE-0-2025-20358)
Vulnerability from cvelistv5 – Published: 2025-11-05 16:31 – Updated: 2025-11-06 04:55
VLAI?
Title
Cisco Unified Contact Center Express Editor Authentication Bypass Vulnerability
Summary
A vulnerability in the Contact Center Express (CCX) Editor application of Cisco Unified CCX could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative permissions pertaining to script creation and execution.
This vulnerability is due to improper authentication mechanisms in the communication between the CCX Editor and an affected Unified CCX server. An attacker could exploit this vulnerability by redirecting the authentication flow to a malicious server and tricking the CCX Editor into believing the authentication was successful. A successful exploit could allow the attacker to create and execute arbitrary scripts on the underlying operating system of an affected Unified CCX server, as an internal non-root user account.
Severity ?
9.4 (Critical)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Unified Contact Center Express |
Affected:
10.5(1)SU1
Affected: 10.6(1) Affected: 11.6(1) Affected: 10.6(1)SU1 Affected: 10.6(1)SU3 Affected: 11.6(2) Affected: 12.0(1) Affected: 11.0(1)SU1 Affected: 11.5(1)SU1 Affected: 10.5(1) Affected: 12.5(1) Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 Affected: 12.5(1)SU3 Affected: 12.5(1)_SU03_ES01 Affected: 12.5(1)_SU03_ES02 Affected: 12.5(1)_SU02_ES03 Affected: 12.5(1)_SU02_ES04 Affected: 12.5(1)_SU02_ES02 Affected: 12.5(1)_SU01_ES02 Affected: 12.5(1)_SU01_ES03 Affected: 12.5(1)_SU02_ES01 Affected: 11.6(2)ES07 Affected: 11.6(2)ES08 Affected: 12.5(1)_SU01_ES01 Affected: 12.0(1)ES04 Affected: 12.5(1)ES02 Affected: 12.5(1)ES03 Affected: 11.6(2)ES06 Affected: 12.5(1)ES01 Affected: 12.0(1)ES03 Affected: 12.0(1)ES01 Affected: 11.6(2)ES05 Affected: 12.0(1)ES02 Affected: 11.6(2)ES04 Affected: 11.6(2)ES03 Affected: 11.6(2)ES02 Affected: 11.6(2)ES01 Affected: 10.6(1)SU3ES03 Affected: 11.0(1)SU1ES03 Affected: 10.6(1)SU3ES01 Affected: 10.5(1)SU1ES10 Affected: 11.5(1)SU1ES03 Affected: 11.6(1)ES02 Affected: 11.5(1)ES01 Affected: 10.6(1)SU2 Affected: 10.6(1)SU2ES04 Affected: 11.6(1)ES01 Affected: 10.6(1)SU3ES02 Affected: 11.5(1)SU1ES02 Affected: 11.5(1)SU1ES01 Affected: 11.0(1)SU1ES02 Affected: 12.5(1)_SU03_ES03 Affected: 12.5(1)_SU03_ES04 Affected: 12.5(1)_SU03_ES05 Affected: UCCX 15.0.1 Affected: 12.5(1)_SU03_ES06 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20358",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-05T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-06T04:55:43.689Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES04"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES05"
},
{
"status": "affected",
"version": "UCCX 15.0.1"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES06"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Contact Center Express (CCX) Editor application of Cisco Unified CCX could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative permissions pertaining to script creation and execution.\r\n\r\nThis vulnerability is due to improper authentication mechanisms in the communication between the CCX Editor and an affected Unified CCX server. An attacker could exploit this vulnerability by redirecting the authentication flow to a malicious server and tricking the CCX Editor into believing the authentication was successful. A successful exploit could allow the attacker to create and execute arbitrary scripts on the underlying operating system of an affected Unified CCX server, as an internal non-root user account."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "Missing Authentication for Critical Function",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T16:31:23.210Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cc-unauth-rce-QeN8h7mQ",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cc-unauth-rce-QeN8h7mQ"
}
],
"source": {
"advisory": "cisco-sa-cc-unauth-rce-QeN8h7mQ",
"defects": [
"CSCwq36573"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Unified Contact Center Express Editor Authentication Bypass Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20358",
"datePublished": "2025-11-05T16:31:23.210Z",
"dateReserved": "2024-10-10T19:15:13.257Z",
"dateUpdated": "2025-11-06T04:55:43.689Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}