CVE-2025-20341

Name of the Vulnerable Software and Affected Versions Cisco Catalyst Center Virtual Appliance (affected versions not specified)

Description A flaw exists in Cisco Catalyst Center Virtual Appliance that could allow a remote attacker with valid credentials for a user account with at least the role of Observer to elevate privileges to Administrator on an affected system. This is due to insufficient validation of user-supplied input. An attacker could exploit this by submitting a crafted HTTP request to the system. A successful exploit could allow the attacker to perform unauthorized modifications, including creating new user accounts or elevating their own privileges.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.