CVE-2025-20223

A vulnerability in Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated, remote attacker to read and modify data in a repository that belongs to an internal service of an affected device. This vulnerability is due to insufficient enforcement of access control on HTTP requests. An attacker could exploit this vulnerability by submitting a crafted HTTP request to an affected device. A successful exploit could allow the attacker to read and modify data that is handled by an internal service on the affected device.

CVSS v3 4.7 MEDIUM

4.7^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.2 / Impact : 3.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catc-insec-acc-mtt8EhEb	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:cisco:catalyst_center:*:*:*:*:*:*:*:*

History

23 Jul 2025, 14:53

Type	Values Removed	Values Added
CPE		cpe:2.3:a:cisco:catalyst_center::::::::
First Time		Cisco catalyst Center Cisco
References	~~() https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catc-insec-acc-mtt8EhEb -~~	() https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catc-insec-acc-mtt8EhEb - Vendor Advisory

08 May 2025, 14:39

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-05-07 18:15

Updated : 2025-07-23 14:53

NVD link : CVE-2025-20223

Mitre link : CVE-2025-20223

CVE.ORG link : CVE-2025-20223

JSON object : View

Products Affected

cisco

catalyst_center

CWE

CWE-284

Improper Access Control

{"id": "CVE-2025-20223", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "psirt@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.7, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "HIGH", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 1.2}]}, "published": "2025-05-07T18:15:42.070", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catc-insec-acc-mtt8EhEb", "tags": ["Vendor Advisory"], "source": "psirt@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "psirt@cisco.com", "description": [{"lang": "en", "value": "CWE-284"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated, remote attacker to read and modify data in a repository that belongs to an internal service of an affected device.\r\n\r This vulnerability is due to insufficient enforcement of access control on HTTP requests. An attacker could exploit this vulnerability by submitting a crafted HTTP request to an affected device. A successful exploit could allow the attacker to read and modify data that is handled by an internal service on the affected device."}, {"lang": "es", "value": "Una vulnerabilidad en Cisco Catalyst Center, anteriormente Cisco DNA Center, podr\u00eda permitir que un atacante remoto autenticado lea y modifique datos en un repositorio perteneciente a un servicio interno de un dispositivo afectado. Esta vulnerabilidad se debe a un control de acceso insuficiente en las solicitudes HTTP. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una solicitud HTTP manipulada a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante leer y modificar datos gestionados por un servicio interno del dispositivo afectado."}], "lastModified": "2025-07-23T14:53:16.167", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:catalyst_center:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "789E7FF9-0284-468B-A480-F2144934302C", "versionEndExcluding": "2.3.7.7"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@cisco.com"}