{"uuid": "1c708ac6-dd52-44a8-ac0d-372766a796ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20125", "type": "seen", "source": "https://t.me/cvedetector/17312", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-20125 - Cisco ISE API Unauthorized Read-Only Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2025-20125 \nPublished : Feb. 5, 2025, 5:15 p.m. | 49\u00a0minutes ago \nDescription : A vulnerability in an API of Cisco ISE could allow an authenticated, remote attacker with valid read-only credentials to obtain sensitive information, change node configurations, and restart the node.  \n  \nThis vulnerability is due to a lack of authorization in a specific API and improper validation of user-supplied data. An attacker could exploit this vulnerability by sending a crafted HTTP request to a specific API on the device. A successful exploit could allow the attacker to attacker to obtain information, modify system configuration, and reload the device.  \nNote:\u00a0To successfully exploit this vulnerability, the attacker must have valid read-only administrative credentials. In a single-node deployment, new devices will not be able to authenticate during the reload time. \nSeverity: 9.1 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-05T19:09:20.000000Z"}