CVE-2025-20210

{"id": "CVE-2025-20210", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "psirt@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.3, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 3.9}]}, "published": "2025-05-07T18:15:41.240", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-api-nBPZcJCM", "tags": ["Vendor Advisory"], "source": "psirt@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "psirt@cisco.com", "description": [{"lang": "en", "value": "CWE-306"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the management API of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker to read and modify the outgoing proxy configuration settings.\r\n\r\nThis vulnerability is due to the lack of authentication in an API endpoint. An attacker could exploit this vulnerability by sending a request to the affected API of a Catalyst Center device. A successful exploit could allow the attacker to view or modify the outgoing proxy configuration, which could disrupt internet traffic from Cisco Catalyst Center or may allow the attacker to intercept outbound internet traffic."}, {"lang": "es", "value": "Una vulnerabilidad en la API de administraci\u00f3n de Cisco Catalyst Center, anteriormente Cisco DNA Center, podr\u00eda permitir que un atacante remoto no autenticado lea y modifique la configuraci\u00f3n del proxy saliente. Esta vulnerabilidad se debe a la falta de autenticaci\u00f3n en un endpoint de la API. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una solicitud a la API afectada de un dispositivo Catalyst Center. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ver o modificar la configuraci\u00f3n del proxy saliente, lo que podr\u00eda interrumpir el tr\u00e1fico de internet de Cisco Catalyst Center o interceptar el tr\u00e1fico saliente."}], "lastModified": "2025-08-13T19:05:32.047", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:catalyst_center:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "82E4F91B-C188-473E-8B68-8FB39016D2A8", "versionEndExcluding": "2.3.7.9"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@cisco.com"}