Cisco

Catalyst Center

27 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2025-20346

Medienbericht
  • EPSS 0.04%
  • Veröffentlicht 13.11.2025 16:27:30
  • Zuletzt bearbeitet 19.11.2025 17:16:36

A vulnerability in Cisco Catalyst Center could allow an authenticated, remote attacker to execute operations that should require Administrator privileges. The attacker would need valid read-only user credentials. This vulnerability is due to impro...

4.7

CVE-2025-20355

Medienbericht
  • EPSS 0.02%
  • Veröffentlicht 13.11.2025 16:18:14
  • Zuletzt bearbeitet 14.11.2025 16:42:03

A vulnerability in the web-based management interface of Cisco Catalyst Center Virtual Appliance could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of ...

6.1

CVE-2025-20353

Medienbericht
  • EPSS 0.02%
  • Veröffentlicht 13.11.2025 16:18:12
  • Zuletzt bearbeitet 19.11.2025 16:56:28

A vulnerability in the web-based management interface of Cisco Catalyst Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability...

8.8

CVE-2025-20349

Medienbericht
  • EPSS 0.29%
  • Veröffentlicht 13.11.2025 16:18:03
  • Zuletzt bearbeitet 19.11.2025 17:07:43

A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote attacker to execute arbitrary commands in a restricted container as the root user. This vulnerability is due to insufficient validation of user-supplied ...

8.8

CVE-2025-20341

Medienbericht
  • EPSS 0.21%
  • Veröffentlicht 13.11.2025 16:18:03
  • Zuletzt bearbeitet 14.11.2025 16:42:03

A vulnerability in Cisco Catalyst Center Virtual Appliance could allow an authenticated, remote attacker to elevate privileges to Administrator on an affected system. This vulnerability is due to insufficient validation of user-supplied input. An ...

4.7

CVE-2025-20223

  • EPSS 0.1%
  • Veröffentlicht 07.05.2025 17:37:26
  • Zuletzt bearbeitet 23.07.2025 14:53:16

A vulnerability in Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated, remote attacker to read and modify data in a repository that belongs to an internal service of an affected device. This vulnerability is due to insu...

7.3

CVE-2025-20210

  • EPSS 0.1%
  • Veröffentlicht 07.05.2025 17:16:52
  • Zuletzt bearbeitet 13.08.2025 19:05:32

A vulnerability in the management API of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker to read and modify the outgoing proxy configuration settings. This vulnerability is due to the lack of authe...

8.1

CVE-2024-20350

  • EPSS 2.16%
  • Veröffentlicht 25.09.2024 17:15:15
  • Zuletzt bearbeitet 30.07.2025 16:08:54

A vulnerability in the SSH server of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker to impersonate a Cisco Catalyst Center appliance. This vulnerability is due to the presence of a static SSH host...

4.3

CVE-2024-20333

  • EPSS 0.17%
  • Veröffentlicht 27.03.2024 17:15:53
  • Zuletzt bearbeitet 23.07.2025 14:53:12

A vulnerability in the web-based management interface of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated, remote attacker to change specific data within the interface on an affected device. This vulnerability is due ...

4.3

CVE-2023-20184

  • EPSS 0.12%
  • Veröffentlicht 18.05.2023 03:15:11
  • Zuletzt bearbeitet 23.07.2025 15:26:38

Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the...