VYPR

Cisco Catalyst Center

by Cisco Systems, Inc.

CVEs (7)

  • CVE-2024-20350HigSep 25, 2024
    risk 0.49cvss 7.5epss 0.00

    A vulnerability in the SSH server of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker to impersonate a Cisco Catalyst Center appliance. This vulnerability is due to the presence of a static SSH host key. An attacker could…

  • CVE-2025-20210HigMay 7, 2025
    risk 0.47cvss 7.3epss 0.00

    A vulnerability in the management API of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an unauthenticated, remote attacker to read and modify the outgoing proxy configuration settings. This vulnerability is due to the lack of authentication in an API endpoint.…

  • CVE-2025-20349MedNov 13, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote attacker to execute arbitrary commands in a restricted container as the root user. This vulnerability is due to insufficient validation of user-supplied input in REST API request…

  • CVE-2025-20353MedNov 13, 2025
    risk 0.40cvss 6.1epss 0.00

    A vulnerability in the web-based management interface of Cisco Catalyst Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient…

  • CVE-2025-20223MedMay 7, 2025
    risk 0.31cvss 4.7epss 0.00

    A vulnerability in Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated, remote attacker to read and modify data in a repository that belongs to an internal service of an affected device. This vulnerability is due to insufficient enforcement of…

  • CVE-2025-20346MedNov 13, 2025
    risk 0.28cvss 4.3epss 0.00

    A vulnerability in Cisco Catalyst Center could allow an authenticated, remote attacker to execute operations that should require Administrator privileges. The attacker would need valid read-only user credentials. This vulnerability is due to improper role-based access control…

  • CVE-2024-20333MedMar 27, 2024
    risk 0.28cvss 4.3epss 0.00

    A vulnerability in the web-based management interface of Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated, remote attacker to change specific data within the interface on an affected device. This vulnerability is due to insufficient authorization…