Ce mail provient de l'extérieur, restons vigilants

=====================================================================

                            CERT-Renater

                Note d'Information No. 2025/VULN236

_____________________________________________________________________

DATE                : 17/04/2025

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Cisco Webex App Client-Side,
                       Cisco Secure Network Analytics,
                       Cisco Nexus Dashboard.

=====================================================================
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-client-rce-ufyMMYLC
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sna-prvesc-4BQmK33Z
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nd-unenum-2xFFh472
_____________________________________________________________________

Below is the list of Cisco Security Advisories published by Cisco
PSIRT on 2025-April-16.

The following PSIRT security advisories (1 High, 2 Medium) were
published at 16:00 UTC today.

Table of Contents:

1) Cisco Webex App Client-Side Remote Code Execution Vulnerability
- SIR: High

2) Cisco Secure Network Analytics Privilege Escalation Vulnerability
- SIR: Medium

3) Cisco Nexus Dashboard LDAP Username Enumeration Vulnerability
- SIR: Medium

+--------------------------------------------------------------------

1) Cisco Webex App Client-Side Remote Code Execution Vulnerability

CVE-2025-20236

SIR: High

CVSS Score v(3.1): 8.8

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-client-rce-ufyMMYLC ["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-client-rce-ufyMMYLC"]

+--------------------------------------------------------------------

2) Cisco Secure Network Analytics Privilege Escalation Vulnerability

CVE-2025-20178

SIR: Medium

CVSS Score v(3.1): 6.0

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sna-prvesc-4BQmK33Z ["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sna-prvesc-4BQmK33Z"]

+--------------------------------------------------------------------

3) Cisco Nexus Dashboard LDAP Username Enumeration Vulnerability

CVE-2025-20150

SIR: Medium

CVSS Score v(3.1): 5.3

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nd-unenum-2xFFh472 ["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nd-unenum-2xFFh472"]


=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================