CVE-2025-20216: Cisco Catalyst SD-WAN Manager Reflected HTML Injection Vulnerability

4.7 CVSS

Description

A vulnerability in the web interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an unauthenticated, remote attacker to inject HTML into the browser of an authenticated user.

This vulnerability is due to improper sanitization of input to the web interface. An attacker could exploit this vulnerability by convincing an authenticated user to click a malicious link. A successful exploit could allow the attacker to inject HTML into the browser of an authenticated Cisco Catalyst SD-WAN Manager user.

Classification

CVE ID: CVE-2025-20216

CVSS Base Severity: MEDIUM

CVSS Base Score: 4.7

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N

Problem Types

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Affected Products

Vendor: Cisco

Product: Cisco Catalyst SD-WAN Manager

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.05% (probability of being exploited)

EPSS Percentile: 13.61% (scored less or equal to compared to others)

EPSS Date: 2025-05-13 (when was this score calculated)

Stakeholder-Specific Vulnerability Categorization (SSVC)

SSVC Exploitation: none

SSVC Technical Impact: partial

SSVC Automatable: false

References

https://nvd.nist.gov/vuln/detail/CVE-2025-20216
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-html-inj-GxVtK6zj

Timeline

2025-05-07 16:00:41 UTC
Cisco Security Advisory

Cisco Catalyst SD-WAN Manager Reflected HTML Injection Vulnerability
2025-05-07 18:40:14 UTC
CVE

Cisco Catalyst SD-WAN Manager Reflected HTML Injection Vulnerability