VYPR

Digital Network Architecture Center (DNA Center)

by Cisco Systems, Inc.

CVEs (35)

  • CVE-2025-20349MedNov 13, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote attacker to execute arbitrary commands in a restricted container as the root user. This vulnerability is due to insufficient validation of user-supplied input in REST API request…

  • CVE-2025-20353MedNov 13, 2025
    risk 0.40cvss 6.1epss 0.00

    A vulnerability in the web-based management interface of Cisco Catalyst Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient…

  • CVE-2020-3466MedAug 26, 2020
    risk 0.40cvss 6.1epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco DNA Center software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. The vulnerabilities exist because the…

  • CVE-2023-20184MedMay 18, 2023
    risk 0.35cvss 5.4epss 0.00

    Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more…

  • CVE-2023-20183MedMay 18, 2023
    risk 0.35cvss 5.4epss 0.00

    Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more…

  • CVE-2023-20182MedMay 18, 2023
    risk 0.35cvss 5.4epss 0.01

    Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more…

  • CVE-2019-1707MedMar 11, 2019
    risk 0.35cvss 5.4epss 0.01

    A vulnerability in the web-based management interface of Cisco DNA Center could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to…

  • CVE-2019-15253MedFeb 5, 2020
    risk 0.34cvss 4.8epss 0.03

    A vulnerability in the web-based management interface of Cisco Digital Network Architecture (DNA) Center could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected…

  • CVE-2025-20223MedMay 7, 2025
    risk 0.31cvss 4.7epss 0.00

    A vulnerability in Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated, remote attacker to read and modify data in a repository that belongs to an internal service of an affected device. This vulnerability is due to insufficient enforcement of…

  • CVE-2021-1130MedJan 13, 2021
    risk 0.31cvss 4.8epss 0.01

    A vulnerability in the web-based management interface of Cisco DNA Center software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. The vulnerability exists because the web-based…

  • CVE-2022-20630MedFeb 10, 2022
    risk 0.29cvss 4.4epss 0.00

    A vulnerability in the audit log of Cisco DNA Center could allow an authenticated, local attacker to view sensitive information in clear text. This vulnerability is due to the unsecured logging of sensitive information on an affected system. An attacker with administrative…

  • CVE-2025-20346MedNov 13, 2025
    risk 0.28cvss 4.3epss 0.00

    A vulnerability in Cisco Catalyst Center could allow an authenticated, remote attacker to execute operations that should require Administrator privileges. The attacker would need valid read-only user credentials. This vulnerability is due to improper role-based access control…

  • CVE-2024-20333MedMar 27, 2024
    risk 0.28cvss 4.3epss 0.00

    A vulnerability in the web-based management interface of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated, remote attacker to change specific data within the interface on an affected device. This vulnerability is due to insufficient authorization…

  • CVE-2023-20059MedMar 23, 2023
    risk 0.28cvss 4.3epss 0.00

    A vulnerability in the implementation of the Cisco Network Plug-and-Play (PnP) agent of Cisco DNA Center could allow an authenticated, remote attacker to view sensitive information in clear text. The attacker must have valid low-privileged user credentials. This vulnerability is…

  • CVE-2021-34782MedOct 6, 2021
    risk 0.28cvss 4.3epss 0.01

    A vulnerability in the API endpoints for Cisco DNA Center could allow an authenticated, remote attacker to gain access to sensitive information that should be restricted. The attacker must have valid device credentials. This vulnerability is due to improper access controls on…

Page 2 of 2