CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-20349

A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote attacker to execute arbitrary commands in a restricted container as the root user. This vulnerability is due to insufficient validation of user-supplied input in REST API request parameters. An attacker could exploit this vulnerability by sending a crafted API request to an affected device. A successful exploit could allow the attacker to inject arbitrary commands that would then be executed in a restricted container with root privileges. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Observer.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 46.6%

CVSS Severity

CVSS v3 Score 6.3

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-ci-ZWLQVSwT

Products affected by CVE-2025-20349

Cisco » Catalyst Center » Version: N/A

cpe:2.3:a:cisco:catalyst_center:-
Cisco » Catalyst Center » Version: 1.1.2

cpe:2.3:a:cisco:catalyst_center:1.1.2
Cisco » Catalyst Center » Version: 1.1.3

cpe:2.3:a:cisco:catalyst_center:1.1.3
Cisco » Catalyst Center » Version: 1.1.4

cpe:2.3:a:cisco:catalyst_center:1.1.4
Cisco » Catalyst Center » Version: 1.1.5

cpe:2.3:a:cisco:catalyst_center:1.1.5
Cisco » Catalyst Center » Version: 1.1.6

cpe:2.3:a:cisco:catalyst_center:1.1.6
Cisco » Catalyst Center » Version: 1.1.7

cpe:2.3:a:cisco:catalyst_center:1.1.7
Cisco » Catalyst Center » Version: 1.1.8

cpe:2.3:a:cisco:catalyst_center:1.1.8
Cisco » Catalyst Center » Version: 1.2

cpe:2.3:a:cisco:catalyst_center:1.2
Cisco » Catalyst Center » Version: 1.2.1

cpe:2.3:a:cisco:catalyst_center:1.2.1
Cisco » Catalyst Center » Version: 1.2.10

cpe:2.3:a:cisco:catalyst_center:1.2.10
Cisco » Catalyst Center » Version: 1.2.10.4

cpe:2.3:a:cisco:catalyst_center:1.2.10.4
Cisco » Catalyst Center » Version: 1.2.10.5

cpe:2.3:a:cisco:catalyst_center:1.2.10.5
Cisco » Catalyst Center » Version: 1.2.12

cpe:2.3:a:cisco:catalyst_center:1.2.12
Cisco » Catalyst Center » Version: 1.2.12.1

cpe:2.3:a:cisco:catalyst_center:1.2.12.1
Cisco » Catalyst Center » Version: 1.2.12.2

cpe:2.3:a:cisco:catalyst_center:1.2.12.2
Cisco » Catalyst Center » Version: 1.2.2

cpe:2.3:a:cisco:catalyst_center:1.2.2
Cisco » Catalyst Center » Version: 1.2.3

cpe:2.3:a:cisco:catalyst_center:1.2.3
Cisco » Catalyst Center » Version: 1.2.4

cpe:2.3:a:cisco:catalyst_center:1.2.4
Cisco » Catalyst Center » Version: 1.2.5

cpe:2.3:a:cisco:catalyst_center:1.2.5
Cisco » Catalyst Center » Version: 1.2.6

cpe:2.3:a:cisco:catalyst_center:1.2.6
Cisco » Catalyst Center » Version: 1.2.8

cpe:2.3:a:cisco:catalyst_center:1.2.8
Cisco » Catalyst Center » Version: 1.3

cpe:2.3:a:cisco:catalyst_center:1.3
Cisco » Catalyst Center » Version: 1.3.0.2

cpe:2.3:a:cisco:catalyst_center:1.3.0.2
Cisco » Catalyst Center » Version: 1.3.0.3

cpe:2.3:a:cisco:catalyst_center:1.3.0.3
Cisco » Catalyst Center » Version: 1.3.0.4

cpe:2.3:a:cisco:catalyst_center:1.3.0.4
Cisco » Catalyst Center » Version: 1.3.0.5

cpe:2.3:a:cisco:catalyst_center:1.3.0.5
Cisco » Catalyst Center » Version: 1.3.0.6

cpe:2.3:a:cisco:catalyst_center:1.3.0.6
Cisco » Catalyst Center » Version: 1.3.0.7

cpe:2.3:a:cisco:catalyst_center:1.3.0.7
Cisco » Catalyst Center » Version: 1.3.1.0

cpe:2.3:a:cisco:catalyst_center:1.3.1.0
Cisco » Catalyst Center » Version: 1.3.1.1

cpe:2.3:a:cisco:catalyst_center:1.3.1.1
Cisco » Catalyst Center » Version: 1.3.1.2

cpe:2.3:a:cisco:catalyst_center:1.3.1.2
Cisco » Catalyst Center » Version: 1.3.1.3

cpe:2.3:a:cisco:catalyst_center:1.3.1.3
Cisco » Catalyst Center » Version: 1.3.1.4

cpe:2.3:a:cisco:catalyst_center:1.3.1.4
Cisco » Catalyst Center » Version: 1.3.1.5

cpe:2.3:a:cisco:catalyst_center:1.3.1.5
Cisco » Catalyst Center » Version: 1.3.1.6

cpe:2.3:a:cisco:catalyst_center:1.3.1.6
Cisco » Catalyst Center » Version: 1.3.1.7

cpe:2.3:a:cisco:catalyst_center:1.3.1.7
Cisco » Catalyst Center » Version: 1.3.3.0

cpe:2.3:a:cisco:catalyst_center:1.3.3.0
Cisco » Catalyst Center » Version: 1.3.3.1

cpe:2.3:a:cisco:catalyst_center:1.3.3.1
Cisco » Catalyst Center » Version: 1.3.3.3

cpe:2.3:a:cisco:catalyst_center:1.3.3.3
Cisco » Catalyst Center » Version: 1.3.3.4

cpe:2.3:a:cisco:catalyst_center:1.3.3.4
Cisco » Catalyst Center » Version: 1.3.3.5

cpe:2.3:a:cisco:catalyst_center:1.3.3.5
Cisco » Catalyst Center » Version: 1.3.3.6

cpe:2.3:a:cisco:catalyst_center:1.3.3.6
Cisco » Catalyst Center » Version: 1.3.3.7

cpe:2.3:a:cisco:catalyst_center:1.3.3.7
Cisco » Catalyst Center » Version: 1.3.3.8

cpe:2.3:a:cisco:catalyst_center:1.3.3.8
Cisco » Catalyst Center » Version: 1.3.3.9

cpe:2.3:a:cisco:catalyst_center:1.3.3.9
Cisco » Catalyst Center » Version: 2.1.1.0

cpe:2.3:a:cisco:catalyst_center:2.1.1.0
Cisco » Catalyst Center » Version: 2.1.2.0

cpe:2.3:a:cisco:catalyst_center:2.1.2.0
Cisco » Catalyst Center » Version: 2.1.2.3

cpe:2.3:a:cisco:catalyst_center:2.1.2.3
Cisco » Catalyst Center » Version: 2.1.2.4

cpe:2.3:a:cisco:catalyst_center:2.1.2.4
Cisco » Catalyst Center » Version: 2.1.2.5

cpe:2.3:a:cisco:catalyst_center:2.1.2.5
Cisco » Catalyst Center » Version: 2.1.2.6

cpe:2.3:a:cisco:catalyst_center:2.1.2.6
Cisco » Catalyst Center » Version: 2.1.2.7

cpe:2.3:a:cisco:catalyst_center:2.1.2.7
Cisco » Catalyst Center » Version: 2.1.2.8

cpe:2.3:a:cisco:catalyst_center:2.1.2.8
Cisco » Catalyst Center » Version: 2.2.1.0

cpe:2.3:a:cisco:catalyst_center:2.2.1.0
Cisco » Catalyst Center » Version: 2.2.2.0

cpe:2.3:a:cisco:catalyst_center:2.2.2.0
Cisco » Catalyst Center » Version: 2.2.2.1

cpe:2.3:a:cisco:catalyst_center:2.2.2.1
Cisco » Catalyst Center » Version: 2.2.2.3

cpe:2.3:a:cisco:catalyst_center:2.2.2.3
Cisco » Catalyst Center » Version: 2.2.2.4

cpe:2.3:a:cisco:catalyst_center:2.2.2.4
Cisco » Catalyst Center » Version: 2.2.2.5

cpe:2.3:a:cisco:catalyst_center:2.2.2.5
Cisco » Catalyst Center » Version: 2.2.2.8

cpe:2.3:a:cisco:catalyst_center:2.2.2.8
Cisco » Catalyst Center » Version: 2.2.3.0

cpe:2.3:a:cisco:catalyst_center:2.2.3.0
Cisco » Catalyst Center » Version: 2.2.3.3

cpe:2.3:a:cisco:catalyst_center:2.2.3.3
Cisco » Catalyst Center » Version: 2.2.3.4

cpe:2.3:a:cisco:catalyst_center:2.2.3.4
Cisco » Catalyst Center » Version: 2.2.3.5

cpe:2.3:a:cisco:catalyst_center:2.2.3.5
Cisco » Catalyst Center » Version: 2.3.3.6

cpe:2.3:a:cisco:catalyst_center:2.3.3.6
Cisco » Catalyst Center » Version: 2.3.3.7

cpe:2.3:a:cisco:catalyst_center:2.3.3.7
Cisco » Catalyst Center » Version: 2.3.4

cpe:2.3:a:cisco:catalyst_center:2.3.4
Cisco » Catalyst Center » Version: 2.3.4.0

cpe:2.3:a:cisco:catalyst_center:2.3.4.0
Cisco » Catalyst Center » Version: 2.3.5.0

cpe:2.3:a:cisco:catalyst_center:2.3.5.0
Cisco » Catalyst Center » Version: 2.3.5.3

cpe:2.3:a:cisco:catalyst_center:2.3.5.3
Cisco » Catalyst Center » Version: 2.3.5.4

cpe:2.3:a:cisco:catalyst_center:2.3.5.4
Cisco » Catalyst Center » Version: 2.3.5.5

cpe:2.3:a:cisco:catalyst_center:2.3.5.5
Cisco » Catalyst Center » Version: 2.3.5.6

cpe:2.3:a:cisco:catalyst_center:2.3.5.6
Cisco » Catalyst Center » Version: 2.3.7.0

cpe:2.3:a:cisco:catalyst_center:2.3.7.0
Cisco » Catalyst Center » Version: 2.3.7.3

cpe:2.3:a:cisco:catalyst_center:2.3.7.3
Cisco » Catalyst Center » Version: 2.3.7.4

cpe:2.3:a:cisco:catalyst_center:2.3.7.4
Cisco » Catalyst Center » Version: 2.3.7.5

cpe:2.3:a:cisco:catalyst_center:2.3.7.5
Cisco » Catalyst Center » Version: 2.3.7.6

cpe:2.3:a:cisco:catalyst_center:2.3.7.6
Cisco » Catalyst Center » Version: 2.3.7.7

cpe:2.3:a:cisco:catalyst_center:2.3.7.7
Cisco » Catalyst Center » Version: 2.3.7.9

cpe:2.3:a:cisco:catalyst_center:2.3.7.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-20349

Products

Pricing

Contact Us