4.7
CVE-2025-20355
- EPSS 0.02%
- Published 13.11.2025 16:18:14
- Last modified 14.11.2025 16:42:03
- Source psirt@cisco.com
A vulnerability in the web-based management interface of Cisco Catalyst Center Virtual Appliance could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of HTTP request parameters. An attacker could exploit this vulnerability by intercepting and modifying an HTTP request from a user. A successful exploit could allow the attacker to redirect the user to a malicious web page.
Linked by AI from unstructured data to existing NVD CPEs.
Data is provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).
Vendor: Cisco
Product: Cisco Digital Network Architecture Center (DNA Center)
Default status: unknown

| Version | Status |
|---|---|
| 1.4.0.0 | affected |
| 2.1.1.0 | affected |
| 2.1.1.3 | affected |
| 2.1.2.0 | affected |
| 2.1.2.3 | affected |
| 2.1.2.4 | affected |
| 2.1.2.5 | affected |
| 2.2.1.0 | affected |
| 2.1.2.6 | affected |
| 2.2.2.0 | affected |
| 2.2.2.1 | affected |
| 2.2.2.3 | affected |
| 2.1.2.7 | affected |
| 2.2.1.3 | affected |
| 2.2.3.0 | affected |
| 2.2.2.4 | affected |
| 2.2.2.5 | affected |
| 2.2.3.3 | affected |
| 2.2.2.7 | affected |
| 2.2.2.6 | affected |
| 2.2.2.8 | affected |
| 2.2.3.4 | affected |
| 2.1.2.8 | affected |
| 2.3.2.1 | affected |
| 2.3.2.1-AIRGAP | affected |
| 2.3.2.1-AIRGAP-CA | affected |
| 2.2.3.5 | affected |
| 2.3.3.0 | affected |
| 2.3.3.3 | affected |
| 2.3.3.1-AIRGAP | affected |
| 2.3.3.1 | affected |
| 2.3.2.3 | affected |
| 2.3.3.3-AIRGAP | affected |
| 2.2.3.6 | affected |
| 2.2.2.9 | affected |
| 2.3.3.0-AIRGAP | affected |
| 2.3.3.3-AIRGAP-CA | affected |
| 2.3.3.4 | affected |
| 2.3.3.4-AIRGAP | affected |
| 2.3.3.4-AIRGAP-MDNAC | affected |
| 2.3.3.4-HF1 | affected |
| 2.3.4.0 | affected |
| 2.3.3.5 | affected |
| 2.3.3.5-AIRGAP | affected |
| 2.3.4.0-AIRGAP | affected |
| 2.3.4.3 | affected |
| 2.3.4.3-AIRGAP | affected |
| 2.3.3.6 | affected |
| 2.3.5.0 | affected |
| 2.3.3.6-AIRGAP | affected |
| 2.3.5.0-AIRGAP | affected |
| 2.3.3.6-AIRGAP-MDNAC | affected |
| 2.3.5.0-AIRGAP-MDNAC | affected |
| 2.3.3.7 | affected |
| 2.3.3.7-AIRGAP | affected |
| 2.3.3.7-AIRGAP-MDNAC | affected |
| 2.3.6.0 | affected |
| 2.3.3.6-70045-HF1 | affected |
| 2.3.3.7-72328-AIRGAP | affected |
| 2.3.3.7-72323 | affected |
| 2.3.3.7-72328-MDNAC | affected |
| 2.3.5.3 | affected |
| 2.3.5.3-AIRGAP-MDNAC | affected |
| 2.3.5.3-AIRGAP | affected |
| 2.3.6.0-AIRGAP | affected |
| 2.3.7.0 | affected |
| 2.3.7.0-AIRGAP | affected |
| 2.3.7.0-AIRGAP-MDNAC | affected |
| 2.3.7.0-VA | affected |
| 2.3.5.4 | affected |
| 2.3.5.4-AIRGAP | affected |
| 2.3.5.4-AIRGAP-MDNAC | affected |
| 2.3.7.3 | affected |
| 2.3.7.3-AIRGAP | affected |
| 2.3.7.3-AIRGAP-MDNAC | affected |
| 2.3.5.5-AIRGAP | affected |
| 2.3.5.5 | affected |
| 2.3.5.5-AIRGAP-MDNAC | affected |
| 2.3.7.4 | affected |
| 2.3.7.4-AIRGAP | affected |
| 2.3.7.4-AIRGAP-MDNAC | affected |
| 2.3.7.5-AIRGAP | affected |
| 2.3.7.5-VA | affected |
| 2.3.5.6-AIRGAP | affected |
| 2.3.5.6 | affected |
| 2.3.5.6-AIRGAP-MDNAC | affected |
| 1.0.0.0 | affected |
| 2.3.7.6-AIRGAP | affected |
| 2.3.7.6 | affected |
| 2.3.7.6-VA | affected |
| 2.3.5.5-70026-HF70 | affected |
| 2.3.5.5-70026-HF51 | affected |
| 2.3.5.6-70143-HF20 | affected |
| 2.3.7.6-AIRGAP-MDNAC | affected |
| 2.3.5.5-70026-HF52 | affected |
| 2.3.5.5-70026-HF53 | affected |
| 2.3.5.5-70026-HF71 | affected |
| 2.3.7.7 | affected |
| 2.3.7.7-VA | affected |
| 2.3.7.7-AIRGAP | affected |
| 2.3.7.7-AIRGAP-MDNAC | affected |
| 2.3.5.5-70026-HF72 | affected |
| 2.3.7.9-VA | affected |
| 2.3.7.9 | affected |
| 2.3.7.9-AIRGAP | affected |
| 2.3.7.9-AIRGAP-MDNAC | affected |
| 2.3.7.9-70301-GSMU10 | affected |
| 2.3.7.9-75403-SMU10 | affected |
| 2.3.7.9-75403-GSMU10 | affected |
| 2.3.7.9.75403.10-VA | affected |

| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.029 |

| Source | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@cisco.com | 4.7 | 2.8 | 1.4 | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N |

CWE-601 URL Redirection to Untrusted Site ('Open Redirect')
The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.