← Back

CVE-2025-20118

nvd nist
Published: Feb 26, 2025Modified: Jul 31, 2025

JSON object

Loading...
4.4
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Exploitability: 0.8 / Impact: 3.6
Source: psirt@cisco.com (Secondary)

Description

A vulnerability in the implementation of the internal system processes of Cisco APIC could allow an authenticated, local attacker to access sensitive information on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to insufficient masking of sensitive information that is displayed through system CLI commands. An attacker could exploit this vulnerability by using reconnaissance techniques at the device CLI. A successful exploit could allow the attacker to access sensitive information on an affected device that could be used for additional attacks.

Affected (128)

Cisco
1 product
Application Policy Infrastructure Controller
Configuration A
128 vulnerable
Vulnerable SoftwareAffected Versions
Cisco
Application Policy Infrastructure Controller
Version 3.2(10e)
Application Policy Infrastructure Controller
Version 3.2(10f)
Application Policy Infrastructure Controller
Version 3.2(10g)
Application Policy Infrastructure Controller
Version 3.2(1l)
Application Policy Infrastructure Controller
Version 3.2(1m)
Application Policy Infrastructure Controller
Version 3.2(2l)
Application Policy Infrastructure Controller
Version 3.2(2o)
Application Policy Infrastructure Controller
Version 3.2(3i)
Application Policy Infrastructure Controller
Version 3.2(3j)
Application Policy Infrastructure Controller
Version 3.2(3n)
Application Policy Infrastructure Controller
Version 3.2(3o)
Application Policy Infrastructure Controller
Version 3.2(3r)
Application Policy Infrastructure Controller
Version 3.2(3s)
Application Policy Infrastructure Controller
Version 3.2(41d)
Application Policy Infrastructure Controller
Version 3.2(4d)
Application Policy Infrastructure Controller
Version 3.2(4e)
Application Policy Infrastructure Controller
Version 3.2(5d)
Application Policy Infrastructure Controller
Version 3.2(5e)
Application Policy Infrastructure Controller
Version 3.2(5f)
Application Policy Infrastructure Controller
Version 3.2(6i)
Application Policy Infrastructure Controller
Version 3.2(7f)
Application Policy Infrastructure Controller
Version 3.2(7k)
Application Policy Infrastructure Controller
Version 3.2(8d)
Application Policy Infrastructure Controller
Version 3.2(9b)
Application Policy Infrastructure Controller
Version 3.2(9f)
Application Policy Infrastructure Controller
Version 3.2(9h)
Application Policy Infrastructure Controller
Version 4.0(1h)
Application Policy Infrastructure Controller
Version 4.0(2c)
Application Policy Infrastructure Controller
Version 4.0(3c)
Application Policy Infrastructure Controller
Version 4.0(3d)
Application Policy Infrastructure Controller
Version 4.1(1a)
Application Policy Infrastructure Controller
Version 4.1(1i)
Application Policy Infrastructure Controller
Version 4.1(1j)
Application Policy Infrastructure Controller
Version 4.1(1k)
Application Policy Infrastructure Controller
Version 4.1(1l)
Application Policy Infrastructure Controller
Version 4.1(2g)
Application Policy Infrastructure Controller
Version 4.1(2m)
Application Policy Infrastructure Controller
Version 4.1(2o)
Application Policy Infrastructure Controller
Version 4.1(2s)
Application Policy Infrastructure Controller
Version 4.1(2u)
Application Policy Infrastructure Controller
Version 4.1(2w)
Application Policy Infrastructure Controller
Version 4.1(2x)
Application Policy Infrastructure Controller
Version 4.2(1g)
Application Policy Infrastructure Controller
Version 4.2(1i)
Application Policy Infrastructure Controller
Version 4.2(1j)
Application Policy Infrastructure Controller
Version 4.2(1l)
Application Policy Infrastructure Controller
Version 4.2(2e)
Application Policy Infrastructure Controller
Version 4.2(2f)
Application Policy Infrastructure Controller
Version 4.2(2g)
Application Policy Infrastructure Controller
Version 4.2(3j)
Application Policy Infrastructure Controller
Version 4.2(3l)
Application Policy Infrastructure Controller
Version 4.2(3n)
Application Policy Infrastructure Controller
Version 4.2(3q)
Application Policy Infrastructure Controller
Version 4.2(4i)
Application Policy Infrastructure Controller
Version 4.2(4k)
Application Policy Infrastructure Controller
Version 4.2(4o)
Application Policy Infrastructure Controller
Version 4.2(4p)
Application Policy Infrastructure Controller
Version 4.2(5k)
Application Policy Infrastructure Controller
Version 4.2(5l)
Application Policy Infrastructure Controller
Version 4.2(5n)
Application Policy Infrastructure Controller
Version 4.2(6d)
Application Policy Infrastructure Controller
Version 4.2(6g)
Application Policy Infrastructure Controller
Version 4.2(6h)
Application Policy Infrastructure Controller
Version 4.2(6l)
Application Policy Infrastructure Controller
Version 4.2(6o)
Application Policy Infrastructure Controller
Version 4.2(7f)
Application Policy Infrastructure Controller
Version 4.2(7l)
Application Policy Infrastructure Controller
Version 4.2(7q)
Application Policy Infrastructure Controller
Version 4.2(7r)
Application Policy Infrastructure Controller
Version 4.2(7s)
Application Policy Infrastructure Controller
Version 4.2(7t)
Application Policy Infrastructure Controller
Version 4.2(7u)
Application Policy Infrastructure Controller
Version 4.2(7v)
Application Policy Infrastructure Controller
Version 4.2(7w)
Application Policy Infrastructure Controller
Version 5.0(1k)
Application Policy Infrastructure Controller
Version 5.0(1l)
Application Policy Infrastructure Controller
Version 5.0(2e)
Application Policy Infrastructure Controller
Version 5.0(2h)
Application Policy Infrastructure Controller
Version 5.1(1h)
Application Policy Infrastructure Controller
Version 5.1(2e)
Application Policy Infrastructure Controller
Version 5.1(3e)
Application Policy Infrastructure Controller
Version 5.1(4c)
Application Policy Infrastructure Controller
Version 5.2(1g)
Application Policy Infrastructure Controller
Version 5.2(2e)
Application Policy Infrastructure Controller
Version 5.2(2f)
Application Policy Infrastructure Controller
Version 5.2(2g)
Application Policy Infrastructure Controller
Version 5.2(2h)
Application Policy Infrastructure Controller
Version 5.2(3e)
Application Policy Infrastructure Controller
Version 5.2(3f)
Application Policy Infrastructure Controller
Version 5.2(3g)
Application Policy Infrastructure Controller
Version 5.2(4d)
Application Policy Infrastructure Controller
Version 5.2(4e)
Application Policy Infrastructure Controller
Version 5.2(4f)
Application Policy Infrastructure Controller
Version 5.2(4h)
Application Policy Infrastructure Controller
Version 5.2(5c)
Application Policy Infrastructure Controller
Version 5.2(5d)
Application Policy Infrastructure Controller
Version 5.2(5e)
Application Policy Infrastructure Controller
Version 5.2(6e)
Application Policy Infrastructure Controller
Version 5.2(6g)
Application Policy Infrastructure Controller
Version 5.2(6h)
Application Policy Infrastructure Controller
Version 5.2(7f)
Application Policy Infrastructure Controller
Version 5.2(7g)
Application Policy Infrastructure Controller
Version 5.2(8d)
Application Policy Infrastructure Controller
Version 5.2(8e)
Application Policy Infrastructure Controller
Version 5.2(8f)
Application Policy Infrastructure Controller
Version 5.2(8g)
Application Policy Infrastructure Controller
Version 5.2(8h)
Application Policy Infrastructure Controller
Version 5.2(8i)
Application Policy Infrastructure Controller
Version 5.3(1d)
Application Policy Infrastructure Controller
Version 5.3(2a)
Application Policy Infrastructure Controller
Version 5.3(2b)
Application Policy Infrastructure Controller
Version 5.3(2c)
Application Policy Infrastructure Controller
Version 5.3(2d)
Application Policy Infrastructure Controller
Version 5.3(2e)
Application Policy Infrastructure Controller
Version 6.0(1g)
Application Policy Infrastructure Controller
Version 6.0(1j)
Application Policy Infrastructure Controller
Version 6.0(2h)
Application Policy Infrastructure Controller
Version 6.0(2j)
Application Policy Infrastructure Controller
Version 6.0(3d)
Application Policy Infrastructure Controller
Version 6.0(3e)
Application Policy Infrastructure Controller
Version 6.0(3g)
Application Policy Infrastructure Controller
Version 6.0(4c)
Application Policy Infrastructure Controller
Version 6.0(5h)
Application Policy Infrastructure Controller
Version 6.0(5j)
Application Policy Infrastructure Controller
Version 6.0(6c)
Application Policy Infrastructure Controller
Version 6.0(7e)
Application Policy Infrastructure Controller
Version 6.0(8d)
Application Policy Infrastructure Controller
Version 6.1(1f)

Related CWEs

CWE-212
Improper Removal of Sensitive Information Before Storage or Transfer
The product stores, transfers, or shares a resource that contains sensitive information, but it does not properly remove that information before the product makes the resource available to unauthorized actors.

References (1)

Source: psirt@cisco.com
Vendor Advisory

Timeline

No history available yet.