Cisco Catalyst Center vulnerabilities

CVE-2025-20349 [MEDIUM] CWE-78 CVE-2025-20349: A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote attack A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote attacker to execute arbitrary commands in a restricted container as the root user. This vulnerability is due to insufficient validation of user-supplied input in REST API request parameters. An attacker could exploit this vulnerability by sending a crafted

CVE-2025-20353 [MEDIUM] CWE-79 CVE-2025-20353: A vulnerability in the web-based management interface of Cisco Catalyst Center could allow an unauth A vulnerability in the web-based management interface of Cisco Catalyst Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persua

CVE-2025-20346 [MEDIUM] CWE-269 CVE-2025-20346: A vulnerability in Cisco Catalyst Center could allow an authenticated, remote attacker to execute op A vulnerability in Cisco Catalyst Center could allow an authenticated, remote attacker to execute operations that should require Administrator privileges. The attacker would need valid read-only user credentials. This vulnerability is due to improper role-based access control (RBAC). An attacker could exploit this vulnerability by logging in to an

CVE-2025-20210 [HIGH] CWE-306 CVE-2025-20210: A vulnerability in the management API of Cisco Catalyst Center, formerly Cisco DNA Center, could all A vulnerability in the management API of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker to read and modify the outgoing proxy configuration settings. This vulnerability is due to the lack of authentication in an API endpoint. An attacker could exploit this vulnerability by sending a request to the af

CVE-2025-20223 [MEDIUM] CWE-284 CVE-2025-20223: A vulnerability in Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated, r A vulnerability in Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated, remote attacker to read and modify data in a repository that belongs to an internal service of an affected device. This vulnerability is due to insufficient enforcement of access control on HTTP requests. An attacker could exploit this vulnerability by

CVE-2024-20350 [HIGH] CWE-321 CVE-2024-20350: A vulnerability in the SSH server of Cisco Catalyst Center, formerly Cisco DNA Center, could allow a A vulnerability in the SSH server of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker to impersonate a Cisco Catalyst Center appliance. This vulnerability is due to the presence of a static SSH host key. An attacker could exploit this vulnerability by performing a machine-in-the-middle attack on SSH co

CVE-2024-20333 [MEDIUM] CWE-285 CVE-2024-20333: A vulnerability in the web-based management interface of Cisco Catalyst Center, formerly Cisco DNA C A vulnerability in the web-based management interface of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated, remote attacker to change specific data within the interface on an affected device. This vulnerability is due to insufficient authorization enforcement. An attacker could exploit this vulnerability by sending a cra

CVE-2023-20182 [MEDIUM] CWE-285 CVE-2023-20182: Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remot Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more information about these vulnerabilities, see the Details section of this advisor

CVE-2023-20183 [MEDIUM] CWE-285 CVE-2023-20183: Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remot Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more information about these vulnerabilities, see the Details section of this advisor

CVE-2023-20184 [MEDIUM] CWE-285 CVE-2023-20184: Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remot Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more information about these vulnerabilities, see the Details section of this advisor

CVE-2023-20055 [HIGH] CWE-200 CVE-2023-20055: A vulnerability in the management API of Cisco DNA Center could allow an authenticated, remote attac A vulnerability in the management API of Cisco DNA Center could allow an authenticated, remote attacker to elevate privileges in the context of the web-based management interface on an affected device. This vulnerability is due to the unintended exposure of sensitive information. An attacker could exploit this vulnerability by inspecting the responses

CVE-2023-20059 [MEDIUM] CWE-555 CVE-2023-20059: A vulnerability in the implementation of the Cisco Network Plug-and-Play (PnP) agent of Cisco DNA Ce A vulnerability in the implementation of the Cisco Network Plug-and-Play (PnP) agent of Cisco DNA Center could allow an authenticated, remote attacker to view sensitive information in clear text. The attacker must have valid low-privileged user credentials. This vulnerability is due to improper role-based access control (RBAC) with the integration o

CVE-2022-20630 [MEDIUM] CWE-200 CVE-2022-20630: A vulnerability in the audit log of Cisco DNA Center could allow an authenticated, local attacker to A vulnerability in the audit log of Cisco DNA Center could allow an authenticated, local attacker to view sensitive information in clear text. This vulnerability is due to the unsecured logging of sensitive information on an affected system. An attacker with administrative privileges could exploit this vulnerability by accessing the audit logs throu

CVE-2021-34782 [MEDIUM] CWE-202 CVE-2021-34782: A vulnerability in the API endpoints for Cisco DNA Center could allow an authenticated, remote attac A vulnerability in the API endpoints for Cisco DNA Center could allow an authenticated, remote attacker to gain access to sensitive information that should be restricted. The attacker must have valid device credentials. This vulnerability is due to improper access controls on API endpoints. An attacker could exploit the vulnerability by sending a sp

CVE-2021-1134 [HIGH] CWE-295 CVE-2021-1134: A vulnerability in the Cisco Identity Services Engine (ISE) integration feature of the Cisco DNA Cen A vulnerability in the Cisco Identity Services Engine (ISE) integration feature of the Cisco DNA Center Software could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data. The vulnerability is due to an incomplete validation of the X.509 certificate used when establishing a connection between DNA Center and an ISE ser

CVE-2021-1264 [CRITICAL] CWE-78 CVE-2021-1264: A vulnerability in the Command Runner tool of Cisco DNA Center could allow an authenticated, remote A vulnerability in the Command Runner tool of Cisco DNA Center could allow an authenticated, remote attacker to perform a command injection attack. The vulnerability is due to insufficient input validation by the Command Runner tool. An attacker could exploit this vulnerability by providing crafted input during command execution or via a crafted comma

CVE-2021-1257 [HIGH] CWE-352 CVE-2021-1257: A vulnerability in the web-based management interface of Cisco DNA Center Software could allow an un A vulnerability in the web-based management interface of Cisco DNA Center Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack to manipulate an authenticated user into executing malicious actions without their awareness or consent. The vulnerability is due to insufficient CSRF protections for the

CVE-2021-1303 [HIGH] CWE-266 CVE-2021-1303: A vulnerability in the user management roles of Cisco DNA Center could allow an authenticated, remot A vulnerability in the user management roles of Cisco DNA Center could allow an authenticated, remote attacker to execute unauthorized commands on an affected device. The vulnerability is due to improper enforcement of actions for assigned user roles. An attacker could exploit this vulnerability by authenticating as a user with an Observer role and exec

CVE-2021-1265 [MEDIUM] CWE-312 CVE-2021-1265: A vulnerability in the configuration archive functionality of Cisco DNA Center could allow any privi A vulnerability in the configuration archive functionality of Cisco DNA Center could allow any privilege-level authenticated, remote attacker to obtain the full unmasked running configuration of managed devices. The vulnerability is due to the configuration archives files being stored in clear text, which can be retrieved by various API calls. An atta

CVE-2021-1130 [MEDIUM] CWE-79 CVE-2021-1130: A vulnerability in the web-based management interface of Cisco DNA Center software could allow an au A vulnerability in the web-based management interface of Cisco DNA Center software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An atta