CVE-2025-20347

🗓️ 27 Aug 2025 16:22:59Reported by ciscoType

CVE-2025-20347: Nexus REST API auth missing; attacker can view data and upload or modify images.

Reporter	Title	Published	Views	Family All 11
Cisco	Cisco Nexus Dashboard and Nexus Dashboard Fabric Controller Unauthorized REST API Vulnerabilities	27 Aug 202516:00	–	cisco
Tenable Nessus	Cisco Nexus Dashboard < 4.1(1g) Multiple Vulnerabilities (cisco-sa-nshs-urapi-gJuBVFpu)	5 Sep 202500:00	–	nessus
CNNVD	Cisco Nexus Dashboard和Cisco Nexus Dashboard Fabric Controller 安全漏洞	27 Aug 202500:00	–	cnnvd
Cvelist	CVE-2025-20347 Cisco Nexus Dashboard Fabric Controller Unauthorized REST API Vulnerability	27 Aug 202516:22	–	cvelist
EUVD	EUVD-2025-25939	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in Cisco NX-OS Software	11 Sep 202508:18	–	ncsc
NVD	CVE-2025-20347	27 Aug 202517:15	–	nvd
OSV	CVE-2025-20347	27 Aug 202517:15	–	osv
Positive Technologies	PT-2025-34897 · Cisco · Cisco Nexus Dashboard +1	27 Aug 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-20347	30 Aug 202518:19	–	redhatcve

NVD

Node

cisco nexus_dashboardRange<4.1(1g)

[
  {
    "vendor": "Cisco",
    "product": "Cisco Data Center Network Manager",
    "versions": [
      {
        "version": "11.2(1)",
        "status": "affected"
      },
      {
        "version": "7.0(2)",
        "status": "affected"
      },
      {
        "version": "10.3(2)IPFM",
        "status": "affected"
      },
      {
        "version": "10.1(1)",
        "status": "affected"
      },
      {
        "version": "7.2(3)",
        "status": "affected"
      },
      {
        "version": "7.2(2)",
        "status": "affected"
      },
      {
        "version": "7.2(1)",
        "status": "affected"
      },
      {
        "version": "11.0(1)",
        "status": "affected"
      },
      {
        "version": "10.4(1)",
        "status": "affected"
      },
      {
        "version": "10.2(1)",
        "status": "affected"
      },
      {
        "version": "7.2(2a)",
        "status": "affected"
      },
      {
        "version": "10.1(2)",
        "status": "affected"
      },
      {
        "version": "7.1(1)",
        "status": "affected"
      },
      {
        "version": "12.1(1)",
        "status": "affected"
      },
      {
        "version": "11.1(1)",
        "status": "affected"
      },
      {
        "version": "10.3(1)",
        "status": "affected"
      },
      {
        "version": "10.3(1)R(1)",
        "status": "affected"
      },
      {
        "version": "7.0(1)",
        "status": "affected"
      },
      {
        "version": "10.0(1)",
        "status": "affected"
      },
      {
        "version": "7.1(2)",
        "status": "affected"
      },
      {
        "version": "11.4(1)",
        "status": "affected"
      },
      {
        "version": "10.4(2)",
        "status": "affected"
      },
      {
        "version": "11.3(1)",
        "status": "affected"
      },
      {
        "version": "11.5(1)",
        "status": "affected"
      },
      {
        "version": "11.5(2)",
        "status": "affected"
      },
      {
        "version": "11.5(3)",
        "status": "affected"
      },
      {
        "version": "12.0.1a",
        "status": "affected"
      },
      {
        "version": "11.5(3a)",
        "status": "affected"
      },
      {
        "version": "12.0.2d",
        "status": "affected"
      },
      {
        "version": "12.0.2f",
        "status": "affected"
      },
      {
        "version": "11.5(4)",
        "status": "affected"
      },
      {
        "version": "12.1.1",
        "status": "affected"
      },
      {
        "version": "12.1.1e",
        "status": "affected"
      },
      {
        "version": "12.1.1p",
        "status": "affected"
      },
      {
        "version": "12.1.2e",
        "status": "affected"
      },
      {
        "version": "12.1.2p",
        "status": "affected"
      },
      {
        "version": "12.1.3b",
        "status": "affected"
      },
      {
        "version": "12.2.1",
        "status": "affected"
      },
      {
        "version": "12.2.2",
        "status": "affected"
      },
      {
        "version": "12.2.3",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Source	Link
sec	www.sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nshs-urapi-gJuBVFpu

17 Jun 2026 08:41Current

6.3Medium risk

Vulners AI Score6.3

CVSS 3.15.4

EPSS0.00232

SSVC

CWE-693