CVE-2025-20210 – “Cisco Catalyst Center Unauthenticated API Proxy Configuration Disclosure and Modification”

May 7, 2025

CVE ID : CVE-2025-20210

Published : May 7, 2025, 6:15 p.m. | 1 hour, 20 minutes ago

Description : A vulnerability in the management API of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker to read and modify the outgoing proxy configuration settings.

This vulnerability is due to the lack of authentication in an API endpoint. An attacker could exploit this vulnerability by sending a request to the affected API of a Catalyst Center device. A successful exploit could allow the attacker to view or modify the outgoing proxy configuration, which could disrupt internet traffic from Cisco Catalyst Center or may allow the attacker to intercept outbound internet traffic.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-20213 – Cisco Catalyst SD-WAN Manager Local File System Overwrite Vulnerability

Next Article CVE-2025-20202 – Cisco IOS XE Wireless Controller Software CDP Neighbor Report Denial of Service Vulnerability

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Xbox has become a Game Pass machine and nothing more — Is it enough to justify Microsoft’s console over a costly gaming PC?

I tested this superb gaming laptop, and it proves that NVIDIA’s RTX 5090 is still a massive waste of money

Windows 11’s Settings app is getting an AI agent that can configure options on your PC for you

Microsoft unveils “new generation of Windows experiences” — here’s what’s on the way to Windows 11 and Copilot+ PCs

Node.js 24 Is Here: What You Need to Know

Node.js 24 Is Here: What You Need to Know

Solution Highlight – Oracle Fusion Global SCM and Manufacturing – Part 2

URI Path Components Using Laravel’s pathSegments() Method

Tap into Potential: Add Premium Touch to Your Raspberry Pi Projects With SunFounder’s 10-inch Display

Tap into Potential: Add Premium Touch to Your Raspberry Pi Projects With SunFounder’s 10-inch Display

How to Sandbox Linux Apps with Firejail and Bubblewrap

Enable or Disable Word Wrap in VS Code

CVE-2025-20210 – “Cisco Catalyst Center Unauthenticated API Proxy Configuration Disclosure and Modification”

SysAid Patches 4 Critical Flaws Enabling Pre-Auth RCE in On-Premise Version

Lockbit Ransomware Hacked – Leaked Database Exposes Internal Chats

This lightning-fast Linux distro will hook you the moment you try it

CVE-2025-3278 – “UrbanGo Membership Plugin Privilege Escalation Vulnerability”

JDBC connection to databricks server is failing in JMeter

Migrating Cypress to Playwright Made Easy

Expanding Enterprise Security and Data Residency Capabilities

OIN marks 20 years of defending Linux and open source from patent trolls

Understanding transaction visibility in PostgreSQL clusters with read replicas

Unify structured data in Amazon Aurora and unstructured data in Amazon S3 for insights using Amazon Q

CVE-2025-20210 – “Cisco Catalyst Center Unauthenticated API Proxy Configuration Disclosure and Modification”

Related Posts