Action not permitted
Modal body text goes here.
Modal Title
Modal Body
WID-SEC-W-2025-2602
Vulnerability from csaf_certbund - Published: 2025-11-13 23:00 - Updated: 2025-11-13 23:00Summary
Cisco Catalyst Center Virtual Appliance: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Catalyst ist der Markenname für eine Vielzahl von Netzwerk-Switches die von Cisco Systems verkauft werden.
Angriff
Ein entfernter, authentisierter oder anonymer Angreifer kann mehrere Schwachstellen in Cisco Catalyst Center Virtual Appliance ausnutzen, um Administratorrechte zu erlangen und Spoofing-Angriffe durchzuführen.
Betroffene Betriebssysteme
- CISCO Appliance
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Catalyst ist der Markenname f\u00fcr eine Vielzahl von Netzwerk-Switches die von Cisco Systems verkauft werden.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, authentisierter oder anonymer Angreifer kann mehrere Schwachstellen in Cisco Catalyst Center Virtual Appliance ausnutzen, um Administratorrechte zu erlangen und Spoofing-Angriffe durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- CISCO Appliance",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-2602 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2602.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-2602 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2602"
},
{
"category": "external",
"summary": "Cisco Security Advisory cisco-sa-catc-priv-esc-VS8EeCuX vom 2025-11-13",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catc-priv-esc-VS8EeCuX"
},
{
"category": "external",
"summary": "Cisco Security Advisory cisco-sa-catc-open-redirect-3W5Bk3Je vom 2025-11-13",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catc-open-redirect-3W5Bk3Je"
}
],
"source_lang": "en-US",
"title": "Cisco Catalyst Center Virtual Appliance: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-11-13T23:00:00.000+00:00",
"generator": {
"date": "2025-11-14T09:42:20.626+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-2602",
"initial_release_date": "2025-11-13T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-11-13T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "Center Virtual Appliance \u003c2.3.7.10-VA",
"product": {
"name": "Cisco Catalyst Center Virtual Appliance \u003c2.3.7.10-VA",
"product_id": "T048615"
}
},
{
"category": "product_version",
"name": "Center Virtual Appliance 2.3.7.10-VA",
"product": {
"name": "Cisco Catalyst Center Virtual Appliance 2.3.7.10-VA",
"product_id": "T048615-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:catalyst:center_virtual_appliance__2.3.7.10-va"
}
}
}
],
"category": "product_name",
"name": "Catalyst"
}
],
"category": "vendor",
"name": "Cisco"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-20341",
"product_status": {
"known_affected": [
"T048615"
]
},
"release_date": "2025-11-13T23:00:00.000+00:00",
"title": "CVE-2025-20341"
},
{
"cve": "CVE-2025-20355",
"product_status": {
"known_affected": [
"T048615"
]
},
"release_date": "2025-11-13T23:00:00.000+00:00",
"title": "CVE-2025-20355"
}
]
}
CVE-2025-20355 (GCVE-0-2025-20355)
Vulnerability from cvelistv5 – Published: 2025-11-13 16:18 – Updated: 2025-11-13 16:51
VLAI?
EPSS
Title
Cisco Catalyst Center Software HTTP Open Redirect Vulnerability
Summary
A vulnerability in the web-based management interface of Cisco Catalyst Center Virtual Appliance could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.
This vulnerability is due to improper input validation of HTTP request parameters. An attacker could exploit this vulnerability by intercepting and modifying an HTTP request from a user. A successful exploit could allow the attacker to redirect the user to a malicious web page.
Severity ?
4.7 (Medium)
CWE
- CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Digital Network Architecture Center (DNA Center) |
Affected:
1.4.0.0
Affected: 2.1.1.0 Affected: 2.1.1.3 Affected: 2.1.2.0 Affected: 2.1.2.3 Affected: 2.1.2.4 Affected: 2.1.2.5 Affected: 2.2.1.0 Affected: 2.1.2.6 Affected: 2.2.2.0 Affected: 2.2.2.1 Affected: 2.2.2.3 Affected: 2.1.2.7 Affected: 2.2.1.3 Affected: 2.2.3.0 Affected: 2.2.2.4 Affected: 2.2.2.5 Affected: 2.2.3.3 Affected: 2.2.2.7 Affected: 2.2.2.6 Affected: 2.2.2.8 Affected: 2.2.3.4 Affected: 2.1.2.8 Affected: 2.3.2.1 Affected: 2.3.2.1-AIRGAP Affected: 2.3.2.1-AIRGAP-CA Affected: 2.2.3.5 Affected: 2.3.3.0 Affected: 2.3.3.3 Affected: 2.3.3.1-AIRGAP Affected: 2.3.3.1 Affected: 2.3.2.3 Affected: 2.3.3.3-AIRGAP Affected: 2.2.3.6 Affected: 2.2.2.9 Affected: 2.3.3.0-AIRGAP Affected: 2.3.3.3-AIRGAP-CA Affected: 2.3.3.4 Affected: 2.3.3.4-AIRGAP Affected: 2.3.3.4-AIRGAP-MDNAC Affected: 2.3.3.4-HF1 Affected: 2.3.4.0 Affected: 2.3.3.5 Affected: 2.3.3.5-AIRGAP Affected: 2.3.4.0-AIRGAP Affected: 2.3.4.3 Affected: 2.3.4.3-AIRGAP Affected: 2.3.3.6 Affected: 2.3.5.0 Affected: 2.3.3.6-AIRGAP Affected: 2.3.5.0-AIRGAP Affected: 2.3.3.6-AIRGAP-MDNAC Affected: 2.3.5.0-AIRGAP-MDNAC Affected: 2.3.3.7 Affected: 2.3.3.7-AIRGAP Affected: 2.3.3.7-AIRGAP-MDNAC Affected: 2.3.6.0 Affected: 2.3.3.6-70045-HF1 Affected: 2.3.3.7-72328-AIRGAP Affected: 2.3.3.7-72323 Affected: 2.3.3.7-72328-MDNAC Affected: 2.3.5.3 Affected: 2.3.5.3-AIRGAP-MDNAC Affected: 2.3.5.3-AIRGAP Affected: 2.3.6.0-AIRGAP Affected: 2.3.7.0 Affected: 2.3.7.0-AIRGAP Affected: 2.3.7.0-AIRGAP-MDNAC Affected: 2.3.7.0-VA Affected: 2.3.5.4 Affected: 2.3.5.4-AIRGAP Affected: 2.3.5.4-AIRGAP-MDNAC Affected: 2.3.7.3 Affected: 2.3.7.3-AIRGAP Affected: 2.3.7.3-AIRGAP-MDNAC Affected: 2.3.5.5-AIRGAP Affected: 2.3.5.5 Affected: 2.3.5.5-AIRGAP-MDNAC Affected: 2.3.7.4 Affected: 2.3.7.4-AIRGAP Affected: 2.3.7.4-AIRGAP-MDNAC Affected: 2.3.7.5-AIRGAP Affected: 2.3.7.5-VA Affected: 2.3.5.6-AIRGAP Affected: 2.3.5.6 Affected: 2.3.5.6-AIRGAP-MDNAC Affected: 1.0.0.0 Affected: 2.3.7.6-AIRGAP Affected: 2.3.7.6 Affected: 2.3.7.6-VA Affected: 2.3.5.5-70026-HF70 Affected: 2.3.5.5-70026-HF51 Affected: 2.3.5.6-70143-HF20 Affected: 2.3.7.6-AIRGAP-MDNAC Affected: 2.3.5.5-70026-HF52 Affected: 2.3.5.5-70026-HF53 Affected: 2.3.5.5-70026-HF71 Affected: 2.3.7.7 Affected: 2.3.7.7-VA Affected: 2.3.7.7-AIRGAP Affected: 2.3.7.7-AIRGAP-MDNAC Affected: 2.3.5.5-70026-HF72 Affected: 2.3.7.9-VA Affected: 2.3.7.9 Affected: 2.3.7.9-AIRGAP Affected: 2.3.7.9-AIRGAP-MDNAC Affected: 2.3.7.9-70301-GSMU10 Affected: 2.3.7.9-75403-SMU10 Affected: 2.3.7.9-75403-GSMU10 Affected: 2.3.7.9.75403.10-VA |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20355",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-13T16:47:11.902334Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-13T16:51:21.740Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Digital Network Architecture Center (DNA Center)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "1.4.0.0"
},
{
"status": "affected",
"version": "2.1.1.0"
},
{
"status": "affected",
"version": "2.1.1.3"
},
{
"status": "affected",
"version": "2.1.2.0"
},
{
"status": "affected",
"version": "2.1.2.3"
},
{
"status": "affected",
"version": "2.1.2.4"
},
{
"status": "affected",
"version": "2.1.2.5"
},
{
"status": "affected",
"version": "2.2.1.0"
},
{
"status": "affected",
"version": "2.1.2.6"
},
{
"status": "affected",
"version": "2.2.2.0"
},
{
"status": "affected",
"version": "2.2.2.1"
},
{
"status": "affected",
"version": "2.2.2.3"
},
{
"status": "affected",
"version": "2.1.2.7"
},
{
"status": "affected",
"version": "2.2.1.3"
},
{
"status": "affected",
"version": "2.2.3.0"
},
{
"status": "affected",
"version": "2.2.2.4"
},
{
"status": "affected",
"version": "2.2.2.5"
},
{
"status": "affected",
"version": "2.2.3.3"
},
{
"status": "affected",
"version": "2.2.2.7"
},
{
"status": "affected",
"version": "2.2.2.6"
},
{
"status": "affected",
"version": "2.2.2.8"
},
{
"status": "affected",
"version": "2.2.3.4"
},
{
"status": "affected",
"version": "2.1.2.8"
},
{
"status": "affected",
"version": "2.3.2.1"
},
{
"status": "affected",
"version": "2.3.2.1-AIRGAP"
},
{
"status": "affected",
"version": "2.3.2.1-AIRGAP-CA"
},
{
"status": "affected",
"version": "2.2.3.5"
},
{
"status": "affected",
"version": "2.3.3.0"
},
{
"status": "affected",
"version": "2.3.3.3"
},
{
"status": "affected",
"version": "2.3.3.1-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.1"
},
{
"status": "affected",
"version": "2.3.2.3"
},
{
"status": "affected",
"version": "2.3.3.3-AIRGAP"
},
{
"status": "affected",
"version": "2.2.3.6"
},
{
"status": "affected",
"version": "2.2.2.9"
},
{
"status": "affected",
"version": "2.3.3.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.3-AIRGAP-CA"
},
{
"status": "affected",
"version": "2.3.3.4"
},
{
"status": "affected",
"version": "2.3.3.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.3.4-HF1"
},
{
"status": "affected",
"version": "2.3.4.0"
},
{
"status": "affected",
"version": "2.3.3.5"
},
{
"status": "affected",
"version": "2.3.3.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.4.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.4.3"
},
{
"status": "affected",
"version": "2.3.4.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.6"
},
{
"status": "affected",
"version": "2.3.5.0"
},
{
"status": "affected",
"version": "2.3.3.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.0-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.3.7"
},
{
"status": "affected",
"version": "2.3.3.7-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.7-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.6.0"
},
{
"status": "affected",
"version": "2.3.3.6-70045-HF1"
},
{
"status": "affected",
"version": "2.3.3.7-72328-AIRGAP"
},
{
"status": "affected",
"version": "2.3.3.7-72323"
},
{
"status": "affected",
"version": "2.3.3.7-72328-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.3"
},
{
"status": "affected",
"version": "2.3.5.3-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.6.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.0"
},
{
"status": "affected",
"version": "2.3.7.0-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.0-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.0-VA"
},
{
"status": "affected",
"version": "2.3.5.4"
},
{
"status": "affected",
"version": "2.3.5.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.3"
},
{
"status": "affected",
"version": "2.3.7.3-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.3-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.5"
},
{
"status": "affected",
"version": "2.3.5.5-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.4"
},
{
"status": "affected",
"version": "2.3.7.4-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.4-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.5-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.5-VA"
},
{
"status": "affected",
"version": "2.3.5.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.5.6"
},
{
"status": "affected",
"version": "2.3.5.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "1.0.0.0"
},
{
"status": "affected",
"version": "2.3.7.6-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.6"
},
{
"status": "affected",
"version": "2.3.7.6-VA"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF70"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF51"
},
{
"status": "affected",
"version": "2.3.5.6-70143-HF20"
},
{
"status": "affected",
"version": "2.3.7.6-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF52"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF53"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF71"
},
{
"status": "affected",
"version": "2.3.7.7"
},
{
"status": "affected",
"version": "2.3.7.7-VA"
},
{
"status": "affected",
"version": "2.3.7.7-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.7-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.5.5-70026-HF72"
},
{
"status": "affected",
"version": "2.3.7.9-VA"
},
{
"status": "affected",
"version": "2.3.7.9"
},
{
"status": "affected",
"version": "2.3.7.9-AIRGAP"
},
{
"status": "affected",
"version": "2.3.7.9-AIRGAP-MDNAC"
},
{
"status": "affected",
"version": "2.3.7.9-70301-GSMU10"
},
{
"status": "affected",
"version": "2.3.7.9-75403-SMU10"
},
{
"status": "affected",
"version": "2.3.7.9-75403-GSMU10"
},
{
"status": "affected",
"version": "2.3.7.9.75403.10-VA"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Catalyst Center Virtual Appliance could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.\r\n\r\nThis vulnerability is due to improper input validation of HTTP request parameters. An attacker could exploit this vulnerability by intercepting and modifying an HTTP request from a user. A successful exploit could allow the attacker to redirect the user to a malicious web page."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-13T16:27:42.125Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-catc-open-redirect-3W5Bk3Je",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catc-open-redirect-3W5Bk3Je"
}
],
"source": {
"advisory": "cisco-sa-catc-open-redirect-3W5Bk3Je",
"defects": [
"CSCwk40834"
],
"discovery": "INTERNAL"
},
"title": "Cisco Catalyst Center Software HTTP Open Redirect Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20355",
"datePublished": "2025-11-13T16:18:14.450Z",
"dateReserved": "2024-10-10T19:15:13.257Z",
"dateUpdated": "2025-11-13T16:51:21.740Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20341 (GCVE-0-2025-20341)
Vulnerability from cvelistv5 – Published: 2025-11-13 16:18 – Updated: 2026-02-26 16:57
VLAI?
EPSS
Title
Cisco Catalyst Center Privilege Escalation Vulnerability
Summary
A vulnerability in Cisco Catalyst Center Virtual Appliance could allow an authenticated, remote attacker to elevate privileges to Administrator on an affected system.
This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted HTTP request to an affected system. A successful exploit could allow the attacker to perform unauthorized modifications to the system, including creating new user accounts or elevating their own privileges on an affected system. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Observer.
Severity ?
8.8 (High)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Digital Network Architecture Center (DNA Center) |
Affected:
2.3.7.5-VA
Affected: 2.3.7.6-VA Affected: 2.3.7.7-VA Affected: 2.3.7.9-VA Affected: 2.3.7.9.75403.10-VA |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20341",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-14T04:55:36.037671Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T16:57:03.673Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Digital Network Architecture Center (DNA Center)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "2.3.7.5-VA"
},
{
"status": "affected",
"version": "2.3.7.6-VA"
},
{
"status": "affected",
"version": "2.3.7.7-VA"
},
{
"status": "affected",
"version": "2.3.7.9-VA"
},
{
"status": "affected",
"version": "2.3.7.9.75403.10-VA"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Catalyst Center Virtual Appliance could allow an authenticated, remote attacker to elevate privileges to Administrator on an affected system.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted HTTP request to an affected system. A successful exploit could allow the attacker to perform unauthorized modifications to the system, including creating new user accounts or elevating their own privileges on an affected system. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Observer."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Control",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-13T16:27:30.810Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-catc-priv-esc-VS8EeCuX",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catc-priv-esc-VS8EeCuX"
}
],
"source": {
"advisory": "cisco-sa-catc-priv-esc-VS8EeCuX",
"defects": [
"CSCwo97875"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Catalyst Center Privilege Escalation Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20341",
"datePublished": "2025-11-13T16:18:03.687Z",
"dateReserved": "2024-10-10T19:15:13.255Z",
"dateUpdated": "2026-02-26T16:57:03.673Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…