CVE-2025-20256: Cisco Secure Network Analytics Manager Server-Side Template Injection Vulnerability

6.5 CVSS

Description

A vulnerability in the web-based management interface of Cisco Secure Network Analytics Manager and Cisco Secure Network Analytics Virtual Manager could allow an authenticated, remote attacker with valid administrative credentials to execute arbitrary commands as root on the underlying operating system.

This vulnerability is due to insufficient input validation in specific fields of the web-based management interface. An attacker with valid administrative credentials could exploit this vulnerability by sending crafted input to an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges.

Classification

CVE ID: CVE-2025-20256

CVSS Base Severity: MEDIUM

CVSS Base Score: 6.5

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

Problem Types

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Affected Products

Vendor: Cisco

Product: Cisco Secure Network Analytics

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.06% (probability of being exploited)

EPSS Percentile: 19.05% (scored less or equal to compared to others)

EPSS Date: 2025-06-03 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-20256
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sna-ssti-dPuLqSmZ

Timeline

2025-05-21 16:00:22 UTC
Cisco Security Advisory

Cisco Secure Network Analytics Manager Privilege Escalation Vulnerability
2025-05-21 17:40:13 UTC
CVE

Cisco Secure Network Analytics Manager Server-Side Template Injection Vulnerability