CVE-2025-20301

Name of the Vulnerable Software and Affected Versions: Cisco Secure FMC Software (affected versions not specified)

Description: A vulnerability exists in the web-based management interface of Cisco Secure FMC Software that could allow an authenticated, low-privileged, remote attacker to access troubleshoot files for a different domain. This issue is due to missing authorization checks, allowing an attacker to directly access troubleshoot files belonging to other domains managed within the same Cisco Secure FMC instance. Successful exploitation could lead to the retrieval of sensitive information contained within these files.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.