PT-2025-46855 · Cisco · Cisco Catalyst Center Virtual Appliance
Published
2025-11-13
·
Updated
2025-11-13
·
CVE-2025-20355
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Cisco Catalyst Center Virtual Appliance (affected versions not specified)
Description
A flaw exists in the web-based management interface that may allow a remote attacker to redirect a user to a malicious web page without authentication. This is caused by improper validation of HTTP request parameters. An attacker could exploit this by intercepting and modifying an HTTP request. Successful exploitation could lead to redirection to a malicious web page.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Open Redirect
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cisco Catalyst Center Virtual Appliance