Action not permitted
Modal body text goes here.
Modal Title
Modal Body
GHSA-HGQP-F75H-6P8R
Vulnerability from github – Published: 2025-02-26 18:30 – Updated: 2025-02-26 18:30
VLAI?
Details
A vulnerability in the implementation of the internal system processes of Cisco APIC could allow an authenticated, local attacker to access sensitive information on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials.
This vulnerability is due to insufficient masking of sensitive information that is displayed through system CLI commands. An attacker could exploit this vulnerability by using reconnaissance techniques at the device CLI. A successful exploit could allow the attacker to access sensitive information on an affected device that could be used for additional attacks.
Severity ?
4.4 (Medium)
{
"affected": [],
"aliases": [
"CVE-2025-20118"
],
"database_specific": {
"cwe_ids": [
"CWE-212"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-26T17:15:22Z",
"severity": "MODERATE"
},
"details": "A vulnerability in the implementation of the internal system processes of Cisco APIC could allow an authenticated, local attacker to access sensitive information on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials.\n\nThis vulnerability is due to insufficient masking of sensitive information that is displayed through system CLI commands. An attacker could exploit this vulnerability by using reconnaissance techniques at the device CLI. A successful exploit could allow the attacker to access sensitive information on an affected device that could be used for additional attacks.",
"id": "GHSA-hgqp-f75h-6p8r",
"modified": "2025-02-26T18:30:39Z",
"published": "2025-02-26T18:30:39Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-20118"
},
{
"type": "WEB",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apic-multi-vulns-9ummtg5"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
CVE-2025-20118 (GCVE-0-2025-20118)
Vulnerability from cvelistv5 – Published: 2025-02-26 16:23 – Updated: 2025-03-03 19:03
VLAI?
EPSS
Summary
A vulnerability in the implementation of the internal system processes of Cisco APIC could allow an authenticated, local attacker to access sensitive information on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials.
This vulnerability is due to insufficient masking of sensitive information that is displayed through system CLI commands. An attacker could exploit this vulnerability by using reconnaissance techniques at the device CLI. A successful exploit could allow the attacker to access sensitive information on an affected device that could be used for additional attacks.
Severity ?
4.4 (Medium)
CWE
- CWE-212 - Improper Removal of Sensitive Information Before Storage or Transfer
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) |
Affected:
3.2(8d)
Affected: 3.2(1m) Affected: 3.2(5e) Affected: 4.1(2m) Affected: 3.2(41d) Affected: 3.2(3s) Affected: 4.0(3c) Affected: 4.1(1k) Affected: 3.2(4d) Affected: 4.2(2e) Affected: 4.2(3j) Affected: 4.2(3n) Affected: 4.0(1h) Affected: 4.1(1l) Affected: 3.2(9f) Affected: 4.2(3l) Affected: 4.2(2g) Affected: 3.2(7k) Affected: 3.2(9b) Affected: 3.2(3j) Affected: 4.1(2u) Affected: 4.2(1l) Affected: 4.1(1a) Affected: 4.0(3d) Affected: 3.2(4e) Affected: 4.1(1i) Affected: 3.2(5f) Affected: 3.2(1l) Affected: 4.2(1i) Affected: 4.1(2o) Affected: 4.2(1g) Affected: 4.1(2g) Affected: 4.2(2f) Affected: 3.2(6i) Affected: 3.2(3i) Affected: 3.2(3n) Affected: 4.1(2x) Affected: 3.2(5d) Affected: 4.2(3q) Affected: 4.1(1j) Affected: 4.1(2w) Affected: 3.2(2o) Affected: 3.2(3r) Affected: 4.0(2c) Affected: 4.1(2s) Affected: 3.2(7f) Affected: 3.2(3o) Affected: 3.2(2l) Affected: 4.2(1j) Affected: 4.2(4i) Affected: 3.2(9h) Affected: 5.0(1k) Affected: 4.2(4k) Affected: 5.0(1l) Affected: 5.0(2e) Affected: 4.2(4o) Affected: 4.2(4p) Affected: 5.0(2h) Affected: 4.2(5k) Affected: 4.2(5l) Affected: 4.2(5n) Affected: 5.1(1h) Affected: 4.2(6d) Affected: 5.1(2e) Affected: 4.2(6g) Affected: 4.2(6h) Affected: 5.1(3e) Affected: 3.2(10e) Affected: 4.2(6l) Affected: 4.2(7f) Affected: 5.1(4c) Affected: 4.2(6o) Affected: 5.2(1g) Affected: 5.2(2e) Affected: 4.2(7l) Affected: 3.2(10f) Affected: 5.2(2f) Affected: 5.2(2g) Affected: 4.2(7q) Affected: 5.2(2h) Affected: 5.2(3f) Affected: 5.2(3e) Affected: 5.2(3g) Affected: 4.2(7r) Affected: 4.2(7s) Affected: 5.2(4d) Affected: 5.2(4e) Affected: 4.2(7t) Affected: 5.2(5d) Affected: 3.2(10g) Affected: 5.2(5c) Affected: 6.0(1g) Affected: 4.2(7u) Affected: 5.2(5e) Affected: 5.2(4f) Affected: 5.2(6e) Affected: 6.0(1j) Affected: 5.2(6g) Affected: 5.2(7f) Affected: 4.2(7v) Affected: 5.2(7g) Affected: 6.0(2h) Affected: 4.2(7w) Affected: 5.2(6h) Affected: 5.2(4h) Affected: 5.2(8d) Affected: 6.0(2j) Affected: 5.2(8e) Affected: 6.0(3d) Affected: 6.0(3e) Affected: 5.2(8f) Affected: 5.2(8g) Affected: 5.3(1d) Affected: 5.2(8h) Affected: 6.0(4c) Affected: 5.3(2a) Affected: 5.2(8i) Affected: 6.0(5h) Affected: 5.3(2b) Affected: 6.0(3g) Affected: 6.0(5j) Affected: 5.3(2c) Affected: 6.0(6c) Affected: 6.1(1f) Affected: 6.0(7e) Affected: 5.3(2d) Affected: 6.0(8d) Affected: 5.3(2e) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20118",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-26T17:51:08.139382Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-03T19:03:28.886Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Application Policy Infrastructure Controller (APIC)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "3.2(8d)"
},
{
"status": "affected",
"version": "3.2(1m)"
},
{
"status": "affected",
"version": "3.2(5e)"
},
{
"status": "affected",
"version": "4.1(2m)"
},
{
"status": "affected",
"version": "3.2(41d)"
},
{
"status": "affected",
"version": "3.2(3s)"
},
{
"status": "affected",
"version": "4.0(3c)"
},
{
"status": "affected",
"version": "4.1(1k)"
},
{
"status": "affected",
"version": "3.2(4d)"
},
{
"status": "affected",
"version": "4.2(2e)"
},
{
"status": "affected",
"version": "4.2(3j)"
},
{
"status": "affected",
"version": "4.2(3n)"
},
{
"status": "affected",
"version": "4.0(1h)"
},
{
"status": "affected",
"version": "4.1(1l)"
},
{
"status": "affected",
"version": "3.2(9f)"
},
{
"status": "affected",
"version": "4.2(3l)"
},
{
"status": "affected",
"version": "4.2(2g)"
},
{
"status": "affected",
"version": "3.2(7k)"
},
{
"status": "affected",
"version": "3.2(9b)"
},
{
"status": "affected",
"version": "3.2(3j)"
},
{
"status": "affected",
"version": "4.1(2u)"
},
{
"status": "affected",
"version": "4.2(1l)"
},
{
"status": "affected",
"version": "4.1(1a)"
},
{
"status": "affected",
"version": "4.0(3d)"
},
{
"status": "affected",
"version": "3.2(4e)"
},
{
"status": "affected",
"version": "4.1(1i)"
},
{
"status": "affected",
"version": "3.2(5f)"
},
{
"status": "affected",
"version": "3.2(1l)"
},
{
"status": "affected",
"version": "4.2(1i)"
},
{
"status": "affected",
"version": "4.1(2o)"
},
{
"status": "affected",
"version": "4.2(1g)"
},
{
"status": "affected",
"version": "4.1(2g)"
},
{
"status": "affected",
"version": "4.2(2f)"
},
{
"status": "affected",
"version": "3.2(6i)"
},
{
"status": "affected",
"version": "3.2(3i)"
},
{
"status": "affected",
"version": "3.2(3n)"
},
{
"status": "affected",
"version": "4.1(2x)"
},
{
"status": "affected",
"version": "3.2(5d)"
},
{
"status": "affected",
"version": "4.2(3q)"
},
{
"status": "affected",
"version": "4.1(1j)"
},
{
"status": "affected",
"version": "4.1(2w)"
},
{
"status": "affected",
"version": "3.2(2o)"
},
{
"status": "affected",
"version": "3.2(3r)"
},
{
"status": "affected",
"version": "4.0(2c)"
},
{
"status": "affected",
"version": "4.1(2s)"
},
{
"status": "affected",
"version": "3.2(7f)"
},
{
"status": "affected",
"version": "3.2(3o)"
},
{
"status": "affected",
"version": "3.2(2l)"
},
{
"status": "affected",
"version": "4.2(1j)"
},
{
"status": "affected",
"version": "4.2(4i)"
},
{
"status": "affected",
"version": "3.2(9h)"
},
{
"status": "affected",
"version": "5.0(1k)"
},
{
"status": "affected",
"version": "4.2(4k)"
},
{
"status": "affected",
"version": "5.0(1l)"
},
{
"status": "affected",
"version": "5.0(2e)"
},
{
"status": "affected",
"version": "4.2(4o)"
},
{
"status": "affected",
"version": "4.2(4p)"
},
{
"status": "affected",
"version": "5.0(2h)"
},
{
"status": "affected",
"version": "4.2(5k)"
},
{
"status": "affected",
"version": "4.2(5l)"
},
{
"status": "affected",
"version": "4.2(5n)"
},
{
"status": "affected",
"version": "5.1(1h)"
},
{
"status": "affected",
"version": "4.2(6d)"
},
{
"status": "affected",
"version": "5.1(2e)"
},
{
"status": "affected",
"version": "4.2(6g)"
},
{
"status": "affected",
"version": "4.2(6h)"
},
{
"status": "affected",
"version": "5.1(3e)"
},
{
"status": "affected",
"version": "3.2(10e)"
},
{
"status": "affected",
"version": "4.2(6l)"
},
{
"status": "affected",
"version": "4.2(7f)"
},
{
"status": "affected",
"version": "5.1(4c)"
},
{
"status": "affected",
"version": "4.2(6o)"
},
{
"status": "affected",
"version": "5.2(1g)"
},
{
"status": "affected",
"version": "5.2(2e)"
},
{
"status": "affected",
"version": "4.2(7l)"
},
{
"status": "affected",
"version": "3.2(10f)"
},
{
"status": "affected",
"version": "5.2(2f)"
},
{
"status": "affected",
"version": "5.2(2g)"
},
{
"status": "affected",
"version": "4.2(7q)"
},
{
"status": "affected",
"version": "5.2(2h)"
},
{
"status": "affected",
"version": "5.2(3f)"
},
{
"status": "affected",
"version": "5.2(3e)"
},
{
"status": "affected",
"version": "5.2(3g)"
},
{
"status": "affected",
"version": "4.2(7r)"
},
{
"status": "affected",
"version": "4.2(7s)"
},
{
"status": "affected",
"version": "5.2(4d)"
},
{
"status": "affected",
"version": "5.2(4e)"
},
{
"status": "affected",
"version": "4.2(7t)"
},
{
"status": "affected",
"version": "5.2(5d)"
},
{
"status": "affected",
"version": "3.2(10g)"
},
{
"status": "affected",
"version": "5.2(5c)"
},
{
"status": "affected",
"version": "6.0(1g)"
},
{
"status": "affected",
"version": "4.2(7u)"
},
{
"status": "affected",
"version": "5.2(5e)"
},
{
"status": "affected",
"version": "5.2(4f)"
},
{
"status": "affected",
"version": "5.2(6e)"
},
{
"status": "affected",
"version": "6.0(1j)"
},
{
"status": "affected",
"version": "5.2(6g)"
},
{
"status": "affected",
"version": "5.2(7f)"
},
{
"status": "affected",
"version": "4.2(7v)"
},
{
"status": "affected",
"version": "5.2(7g)"
},
{
"status": "affected",
"version": "6.0(2h)"
},
{
"status": "affected",
"version": "4.2(7w)"
},
{
"status": "affected",
"version": "5.2(6h)"
},
{
"status": "affected",
"version": "5.2(4h)"
},
{
"status": "affected",
"version": "5.2(8d)"
},
{
"status": "affected",
"version": "6.0(2j)"
},
{
"status": "affected",
"version": "5.2(8e)"
},
{
"status": "affected",
"version": "6.0(3d)"
},
{
"status": "affected",
"version": "6.0(3e)"
},
{
"status": "affected",
"version": "5.2(8f)"
},
{
"status": "affected",
"version": "5.2(8g)"
},
{
"status": "affected",
"version": "5.3(1d)"
},
{
"status": "affected",
"version": "5.2(8h)"
},
{
"status": "affected",
"version": "6.0(4c)"
},
{
"status": "affected",
"version": "5.3(2a)"
},
{
"status": "affected",
"version": "5.2(8i)"
},
{
"status": "affected",
"version": "6.0(5h)"
},
{
"status": "affected",
"version": "5.3(2b)"
},
{
"status": "affected",
"version": "6.0(3g)"
},
{
"status": "affected",
"version": "6.0(5j)"
},
{
"status": "affected",
"version": "5.3(2c)"
},
{
"status": "affected",
"version": "6.0(6c)"
},
{
"status": "affected",
"version": "6.1(1f)"
},
{
"status": "affected",
"version": "6.0(7e)"
},
{
"status": "affected",
"version": "5.3(2d)"
},
{
"status": "affected",
"version": "6.0(8d)"
},
{
"status": "affected",
"version": "5.3(2e)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the implementation of the internal system processes of Cisco APIC could allow an authenticated, local attacker to access sensitive information on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials.\r\n\r\nThis vulnerability is due to insufficient masking of sensitive information that is displayed through system CLI commands. An attacker could exploit this vulnerability by using reconnaissance techniques at the device CLI. A successful exploit could allow the attacker to access sensitive information on an affected device that could be used for additional attacks."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-212",
"description": "Improper Removal of Sensitive Information Before Storage or Transfer",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-26T17:13:05.215Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-apic-multi-vulns-9ummtg5",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apic-multi-vulns-9ummtg5"
}
],
"source": {
"advisory": "cisco-sa-apic-multi-vulns-9ummtg5",
"defects": [
"CSCwk18864"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Application Policy Infrastructure Controller Authenticated Command Injection Due to Sensitive Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20118",
"datePublished": "2025-02-26T16:23:28.132Z",
"dateReserved": "2024-10-10T19:15:13.211Z",
"dateUpdated": "2025-03-03T19:03:28.886Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…