CVE-2025-20210 – “Cisco Catalyst Center Unauthenticated API Proxy Configuration Disclosure and Modification”

May 7, 2025

CVE ID : CVE-2025-20210

Published : May 7, 2025, 6:15 p.m. | 1 hour, 20 minutes ago

Description : A vulnerability in the management API of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker to read and modify the outgoing proxy configuration settings.

This vulnerability is due to the lack of authentication in an API endpoint. An attacker could exploit this vulnerability by sending a request to the affected API of a Catalyst Center device. A successful exploit could allow the attacker to view or modify the outgoing proxy configuration, which could disrupt internet traffic from Cisco Catalyst Center or may allow the attacker to intercept outbound internet traffic.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-20213 – Cisco Catalyst SD-WAN Manager Local File System Overwrite Vulnerability

Next Article CVE-2025-20202 – Cisco IOS XE Wireless Controller Software CDP Neighbor Report Denial of Service Vulnerability

Agent Mode for Gemini added to Android Studio

Google’s Agent2Agent protocol finds new home at the Linux Foundation

Decoding The SVG path Element: Curve And Arc Commands

This week in AI dev tools: Gemini 2.5 Pro and Flash GA, GitHub Copilot Spaces, and more (June 20, 2025)

Microsoft is reportedly planning yet more major cuts at Xbox — as early as next week

Microsoft makes Windows 10 security updates FREE for an extra year — but there’s a catch, and you might not like it

“Deus Ex” just turned 25 years old and it’s still the best PC game of all time — you only need $2 to play it on practically anything

Where to buy a Meta Quest 3S Xbox Edition — and why it’s a better bargain than the “normal” Meta Quest 3S

Vite 7.0 Is Out

Vite 7.0 Is Out

Exploring JavaScript ES2025 Edition

Mastering Mixed DML Operations in Apex

Microsoft is reportedly planning yet more major cuts at Xbox — as early as next week

Microsoft is reportedly planning yet more major cuts at Xbox — as early as next week

Microsoft makes Windows 10 security updates FREE for an extra year — but there’s a catch, and you might not like it

“Deus Ex” just turned 25 years old and it’s still the best PC game of all time — you only need $2 to play it on practically anything

CVE-2025-20210 – “Cisco Catalyst Center Unauthenticated API Proxy Configuration Disclosure and Modification”

Rogue WordPress Plugin Unmasked: Stealthy Malware Skims Credit Cards & Steals Credentials

Urgent Advantech Alert: Critical Flaws (CVSS 9.6) Expose Industrial Automation to Remote Takeover, PoC Releases

CVE-2025-23264 – NVIDIA Megatron-LM Python Component Code Injection Vulnerability

First exploitation of Internet Explorer ‘Unicorn bug’ in-the-wild

CVE-2025-48787 – Cisco Router Unvalidated User Input

CVE-2025-5127 – FLIR AX8 Cross-Site Scripting Vulnerability

OpenRefine – desktop program for data cleanup and transformation

Microsoft Helps CBI Dismantle Indian Call Centers Behind Japanese Tech Support Scam

CVE-2025-6114 – D-Link DIR-619L Stack-Based Buffer Overflow Vulnerability

tinyMediaManager is a media management tool

CVE-2025-20210 – “Cisco Catalyst Center Unauthenticated API Proxy Configuration Disclosure and Modification”

Related Posts