CVE-2025-20210 – “Cisco Catalyst Center Unauthenticated API Proxy Configuration Disclosure and Modification”

May 7, 2025

CVE ID : CVE-2025-20210

Published : May 7, 2025, 6:15 p.m. | 1 hour, 20 minutes ago

Description : A vulnerability in the management API of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker to read and modify the outgoing proxy configuration settings.

This vulnerability is due to the lack of authentication in an API endpoint. An attacker could exploit this vulnerability by sending a request to the affected API of a Catalyst Center device. A successful exploit could allow the attacker to view or modify the outgoing proxy configuration, which could disrupt internet traffic from Cisco Catalyst Center or may allow the attacker to intercept outbound internet traffic.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-20213 – Cisco Catalyst SD-WAN Manager Local File System Overwrite Vulnerability

Next Article CVE-2025-20202 – Cisco IOS XE Wireless Controller Software CDP Neighbor Report Denial of Service Vulnerability

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Intel’s latest Arc graphics driver is ready for DOOM: The Dark Ages, launching for Premium Edition owners on PC today

NVIDIA’s drivers are causing big problems for DOOM: The Dark Ages, but some fixes are available

Capcom breaks all-time profit records with 10% income growth after Monster Hunter Wilds sold over 10 million copies in a month

Microsoft plans to lay off 3% of its workforce, reportedly targeting management cuts as it changes to fit a “dynamic marketplace”

A cross-platform Markdown note-taking application

A cross-platform Markdown note-taking application

AI Assistant Demo & Tips for Enterprise Projects

Celebrating Global Accessibility Awareness Day (GAAD)

Intel’s latest Arc graphics driver is ready for DOOM: The Dark Ages, launching for Premium Edition owners on PC today

Intel’s latest Arc graphics driver is ready for DOOM: The Dark Ages, launching for Premium Edition owners on PC today

NVIDIA’s drivers are causing big problems for DOOM: The Dark Ages, but some fixes are available

Capcom breaks all-time profit records with 10% income growth after Monster Hunter Wilds sold over 10 million copies in a month

CVE-2025-20210 – “Cisco Catalyst Center Unauthenticated API Proxy Configuration Disclosure and Modification”

Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

CVE-2025-4732 – TOTOLINK A3002R/A3002RU HTTP POST Request Handler Buffer Overflow

Suspicious Minds: Insider Threats in The SaaS World

I love my Samsung Bespoke refrigerator, and it’s $980 during Memorial Day weekend

Dialogues Blog

Il podcast di Marco’s Box – Puntata 205

DOOM: The Dark Ages has been turned into a literal work of art by one fan — as well as having its own tapestry

Microsoft blocks critical Secure Boot loophole after over 7 months — fortifying Windows 11 against sophisticated firmware attacks camouflaged as verified UEFI apps

The 5 Dumbest Things in Cybersecurity This Year

What is a static IP address and what is it used for?

CVE-2025-20210 – “Cisco Catalyst Center Unauthenticated API Proxy Configuration Disclosure and Modification”

Related Posts