CVE-2025-20295

Name of the Vulnerable Software and Affected Versions: Cisco UCS Manager Software (affected versions not specified)

Description: A vulnerability in the Cisco UCS Manager Software Command Line Interface (CLI) may allow an authenticated, local attacker with administrative privileges to read, create, or overwrite files on the underlying operating system's file system, including system files. This issue is due to insufficient validation of user-supplied command arguments. An attacker could exploit this by authenticating to a device and submitting crafted input to the affected command.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.