PT-2025-8733 · Cisco · Cisco APIC

Jean-Michel Huguet +1 · Published 2025-02-26 · Updated 2025-07-31 · CVE-2025-20118

CVSS v2.0: 4.6 Medium

Vector: AV:L/AC:L/Au:S/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Cisco APIC (affected versions not specified)

Description

A vulnerability in the implementation of internal system processes could allow an authenticated, local attacker to access sensitive information on an affected device. The attacker must have valid administrative credentials to exploit this issue. This vulnerability is due to insufficient masking of sensitive information displayed through system CLI commands. An attacker could exploit this by using reconnaissance techniques at the device CLI, potentially accessing sensitive information that could be used for additional attacks.

Recommendations

Update to a version of Cisco APIC that includes the software updates released by Cisco to address this vulnerability.

Fix

Command Injection

Weakness Enumeration

Related Identifiers

BDU:2025-05654
CVE-2025-20118

Affected Products

Cisco APIC