Ce mail provient de l'extérieur, restons vigilants

=====================================================================

                            CERT-Renater

                Note d'Information No. 2025/VULN124

_____________________________________________________________________

DATE                : 26/02/2025

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Cisco Nexus 3000 and 9000 Series
                         Switches Health Monitoring Diagnostics,
                   Cisco Application Policy Infrastructure Controller,
                   Cisco Nexus 3000 and 9000 Series Switches software.

=====================================================================
https://sec.cloudapps.cisco.com/security/center/publicationListing.x
_____________________________________________________________________

Below is the list of Cisco Security Advisories published by Cisco
PSIRT on 2025-February-26.

The following PSIRT security advisories (1 High, 2 Medium) were
published at 16:00 UTC today.

Table of Contents:

1) Cisco Nexus 3000 and 9000 Series Switches Health Monitoring
Diagnostics Denial of Service Vulnerability - SIR: High

2) Cisco Application Policy Infrastructure Controller Vulnerabilities
- SIR: Medium

3) Cisco Nexus 3000 and 9000 Series Switches Command Injection
Vulnerability - SIR: Medium

+--------------------------------------------------------------------

1) Cisco Nexus 3000 and 9000 Series Switches Health Monitoring
Diagnostics Denial of Service Vulnerability

CVE-2025-20111

SIR: High

CVSS Score v(3.1): 7.4

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n3kn9k-healthdos-eOqSWK4g ["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n3kn9k-healthdos-eOqSWK4g"]

+--------------------------------------------------------------------

2) Cisco Application Policy Infrastructure Controller
Vulnerabilities

CVE-2025-20116, CVE-2025-20117, CVE-2025-20118, CVE-2025-20119

SIR: Medium

CVSS Score v(3.1): 6.0

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apic-multi-vulns-9ummtg5 ["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apic-multi-vulns-9ummtg5"]

+--------------------------------------------------------------------

3) Cisco Nexus 3000 and 9000 Series Switches Command Injection
Vulnerability

CVE-2025-20161

SIR: Medium

CVSS Score v(3.1): 5.1

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ici-dpOjbWxk ["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ici-dpOjbWxk"]


=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================