Catalyst
CVEs (11)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2002-1222 | | | 0.04 | — | 0.09 | | Oct 28, 2002 | Buffer overflow in the embedded HTTP server for Cisco Catalyst switches running CatOS 5.4 through 7.3 allows remote attackers to cause a denial of service (reset) via a long HTTP request. |
| CVE-2001-0080 | | | 0.04 | — | 0.09 | | Feb 12, 2001 | Cisco Catalyst 6000, 5000, or 4000 switches allow remote attackers to cause a denial of service by connecting to the SSH service with a non-SSH client, which generates a protocol mismatch error. |
| CVE-2025-20346 | | | 0.00 | — | 0.00 | | Nov 13, 2025 | A vulnerability in Cisco Catalyst Center could allow an authenticated, remote attacker to execute operations that should require Administrator privileges. The attacker would need valid read-only user credentials. This vulnerability is due to improper role-based access control… |
| CVE-2025-20353 | | | 0.00 | — | 0.00 | | Nov 13, 2025 | A vulnerability in the web-based management interface of Cisco Catalyst Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient… |
| CVE-2025-20223 | | | 0.00 | — | 0.00 | | May 7, 2025 | A vulnerability in Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated, remote attacker to read and modify data in a repository that belongs to an internal service of an affected device. This vulnerability is due to insufficient enforcement of… |
| CVE-2025-20210 | | | 0.00 | — | 0.00 | | May 7, 2025 | A vulnerability in the management API of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker to read and modify the outgoing proxy configuration settings. This vulnerability is due to the lack of authentication in an API endpoint.… |
| CVE-2009-1166 | | | 0.00 | — | 0.02 | | Jul 29, 2009 | The administrative web interface on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0 and 5.x before 5.2.191.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for… |
| CVE-2005-4258 | | | 0.00 | — | 0.02 | | Dec 15, 2005 | Unspecified Cisco Catalyst Switches allow remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LanD). NOTE: the provenance of this issue is unknown; the details are… |
| CVE-2005-1942 | | | 0.00 | — | 0.02 | | Jun 10, 2005 | Cisco switches that support 802.1x security allow remote attackers to bypass port security and gain access to the VLAN via spoofed Cisco Discovery Protocol (CDP) messages. |
| CVE-2003-0216 | | | 0.00 | — | 0.02 | | May 12, 2003 | Unknown vulnerability in Cisco Catalyst 7.5(1) allows local users to bypass authentication and gain access to the enable mode without a password. |
| CVE-2000-0267 | | | 0.00 | — | 0.00 | | Apr 20, 2000 | Cisco Catalyst 5.4.x allows a user to gain access to the "enable" mode without a password. |