CVE-2025-20342 (GCVE-0-2025-20342)
Vulnerability from cvelistv5
Published
2025-08-27 16:23
Modified
2025-08-27 17:38
CWE
  • CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
Summary
A vulnerability in the Virtual Keyboard Video Monitor (vKVM) connection handling of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker with low privileges to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into a specific data field in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid user credentials with privileges that allow for vKVM access on the affected device. Note: The affected vKVM client is also included in Cisco UCS Manager.
Impacted products
Vendor Product Version
Cisco Cisco Unified Computing System (Managed) Version: 4.0(1a)
Version: 3.2(3n)
Version: 4.1(1a)
Version: 4.1(1b)
Version: 4.0(4h)
Version: 4.1(1c)
Version: 3.2(3k)
Version: 3.2(2c)
Version: 4.0(4e)
Version: 4.0(4g)
Version: 3.2(3i)
Version: 4.0(2e)
Version: 3.2(3g)
Version: 4.0(4a)
Version: 4.0(2d)
Version: 3.2(2d)
Version: 4.0(1b)
Version: 4.0(4f)
Version: 3.2(3h)
Version: 3.2(2f)
Version: 4.0(4c)
Version: 3.2(3a)
Version: 4.0(1c)
Version: 3.2(3d)
Version: 3.2(2b)
Version: 4.0(4b)
Version: 3.2(2e)
Version: 4.0(2b)
Version: 4.0(4d)
Version: 3.2(1d)
Version: 3.2(3e)
Version: 3.2(3l)
Version: 3.2(3b)
Version: 4.0(2a)
Version: 3.2(3j)
Version: 4.0(1d)
Version: 3.2(3o)
Version: 4.0(4i)
Version: 4.1(1d)
Version: 4.1(2a)
Version: 4.1(1e)
Version: 3.2(3p)
Version: 4.1(2b)
Version: 4.0(4k)
Version: 4.1(3a)
Version: 4.1(3b)
Version: 4.1(2c)
Version: 4.0(4l)
Version: 4.1(4a)
Version: 4.1(3c)
Version: 4.1(3d)
Version: 4.2(1c)
Version: 4.2(1d)
Version: 4.0(4m)
Version: 4.1(3e)
Version: 4.2(1f)
Version: 4.1(3f)
Version: 4.2(1i)
Version: 4.1(3h)
Version: 4.2(1k)
Version: 4.2(1l)
Version: 4.0(4n)
Version: 4.2(1m)
Version: 4.1(3i)
Version: 4.2(2a)
Version: 4.2(1n)
Version: 4.1(3j)
Version: 4.2(2c)
Version: 4.2(2d)
Version: 4.2(3b)
Version: 4.1(3k)
Version: 4.0(4o)
Version: 4.2(2e)
Version: 4.2(3d)
Version: 4.2(3e)
Version: 4.2(3g)
Version: 4.1(3l)
Version: 4.3(2b)
Version: 4.2(3h)
Version: 4.2(3i)
Version: 4.3(2c)
Version: 4.1(3m)
Version: 4.3(2e)
Version: 4.3(3a)
Version: 4.2(3j)
Version: 4.3(3c)
Version: 4.3(4a)
Version: 4.2(3k)
Version: 4.3(4b)
Version: 4.3(4c)
Version: 4.2(3l)
Version: 4.3(4d)
Version: 4.3(2f)
Version: 4.2(3m)
Version: 4.3(5a)
Version: 4.3(4e)
Version: 4.1(3n)
Version: 4.3(4f)
Version: 4.2(3n)
Version: 4.3(5c)
Version: 4.2(3o)
Version: 4.3(5d)
Version: 4.3(5e)
Create a notification for this product.
   Cisco Cisco Unified Computing System (Standalone) Version: 2.0(1a)
Version: 4.0(2g)
Version: 2.0(13f)
Version: 3.0(4n)
Version: 2.0(3e)1
Version: 3.0(3e)
Version: 2.0(8h)
Version: 2.0(10g)
Version: 3.1(2i)
Version: 3.0(3c)
Version: 3.0(4m)
Version: 3.1(1d)
Version: 3.0(3a)
Version: 3.0(1d)
Version: 2.0(9o)
Version: 2.0(13n)
Version: 4.0(4i)
Version: 4.1(1c)
Version: 2.0(13q)
Version: 2.0(3j)1
Version: 4.0(2c)
Version: 2.0(9n)
Version: 4.0(1e)
Version: 2.0(13o)
Version: 2.0(6f)
Version: 2.0(10c)
Version: 2.0(8d)
Version: 2.0(9m)
Version: 4.0(2h)
Version: 3.0(4j)
Version: 2.0(10i)
Version: 3.0(3f)
Version: 2.0(10l)
Version: 2.0(12e)
Version: 2.0(12i)
Version: 2.0(10h)
Version: 2.0(13e)
Version: 3.0(4k)
Version: 2.0(10b)
Version: 2.0(6d)
Version: 2.0(12b)
Version: 4.0(4h)
Version: 2.0(12h)
Version: 2.0(10f)
Version: 3.0(4l)
Version: 4.0(1h)
Version: 4.0(2l)
Version: 2.0(3i)
Version: 2.0(3f)3
Version: 3.0(4a)
Version: 2.0(13p)
Version: 2.0(9l)
Version: 2.0(12g)
Version: 2.0(12c)
Version: 2.0(12f)
Version: 2.0(13k)
Version: 3.0(3b)
Version: 2.0(1b)
Version: 3.1(3g)
Version: 2.0(4c)
Version: 4.0(1.240)
Version: 2.0(12d)
Version: 4.0(2f)
Version: 4.0(1g)
Version: 3.0(4d)
Version: 3.0(2b)
Version: 2.0(3d)2
Version: 2.0(3d)1
Version: 2.0(9f)
Version: 2.0(13h)
Version: 3.0(4e)
Version: 2.0(8g)
Version: 4.0(2i)
Version: 2.0(10e)
Version: 2.0(13i)
Version: 2.0(9c)
Version: 2.0(4c)1
Version: 3.0(1c)
Version: 2.0(8e)
Version: 2.0(9e)
Version: 2.0(9p)
Version: 3.1(3i)
Version: 3.0(4i)
Version: 2.0(10k)
Version: 3.0(4o)
Version: 4.0(4d)
Version: 4.1(1d)
Version: 3.1(3c)
Version: 4.0(4k)
Version: 3.1(2d)
Version: 3.1(3a)
Version: 3.1(3j)
Version: 4.0(2d)
Version: 4.1(1f)
Version: 3.0(4p)
Version: 4.0(1c)
Version: 4.0(4f)
Version: 4.0(4c)
Version: 3.1(3d)
Version: 3.1(2g)
Version: 3.1(2c)
Version: 4.0(1d)
Version: 3.1(2e)
Version: 4.0(1a)
Version: 4.0(1b)
Version: 3.1(3b)
Version: 4.0(4b)
Version: 3.1(2b)
Version: 4.0(4e)
Version: 3.1(3h)
Version: 3.0(4q)
Version: 4.0(4l)
Version: 4.1(1g)
Version: 4.1(2a)
Version: 3.0(4r)
Version: 4.0(2n)
Version: 4.1(1h)
Version: 3.1(3k)
Version: 4.1(2b)
Version: 4.0(2o)
Version: 4.0(4m)
Version: 4.1(2d)
Version: 4.1(3b)
Version: 4.0(2p)
Version: 4.1(2e)
Version: 4.1(2f)
Version: 3.0(4s)
Version: 4.0(4n)
Version: 4.0(2q)
Version: 4.1(3c)
Version: 4.0(2r)
Version: 4.1(3d)
Version: 4.1(2g)
Version: 4.1(2h)
Version: 4.1(3f)
Version: 4.1(2j)
Version: 4.1(2k)
Version: 4.1(3h)
Version: 4.2(2a)
Version: 4.1(3i)
Version: 4.2(2f)
Version: 4.2(2g)
Version: 4.2(3b)
Version: 4.1(3l)
Version: 4.2(3d)
Version: 4.3(1.230097)
Version: 4.2(1e)
Version: 4.2(1b)
Version: 4.2(1j)
Version: 4.2(1i)
Version: 4.2(1f)
Version: 4.2(1a)
Version: 4.2(1c)
Version: 4.2(1g)
Version: 4.3(1.230124)
Version: 4.1(2l)
Version: 4.2(3e)
Version: 4.3(1.230138)
Version: 4.2(3g)
Version: 4.3(2.230207)
Version: 4.2(3h)
Version: 4.2(3i)
Version: 4.3(2.230270)
Version: 4.1(3m)
Version: 4.1(2m)
Version: 4.3(2.240002)
Version: 4.3(3.240022)
Version: 4.2(3j)
Version: 4.1(3n)
Version: 4.3(2.240009)
Version: 4.3(3.240043)
Version: 4.3(4.240142)
Version: 4.3(2.240037)
Version: 4.3(2.240053)
Version: 4.3(4.240152)
Version: 4.2(3l)
Version: 4.3(2.240077)
Version: 4.3(4.242028)
Version: 4.3(4.241063)
Version: 4.3(4.242038)
Version: 4.2(3m)
Version: 4.3(2.240090)
Version: 4.3(5.240021)
Version: 4.3(2.240107)
Version: 4.3(4.242066)
Version: 4.2(3n)
Version: 4.3(2.250016)
Version: 4.3(2.250021)
Version: 4.3(2.250022)
Version: 4.3(2.250037)
Version: 4.3(2.250045)
Version: 4.3(4.252001)
Create a notification for this product.
   Cisco Cisco Unified Computing System E-Series Software (UCSE) Version: 3.2.7
Version: 3.2.6
Version: 3.2.4
Version: 3.2.10
Version: 3.2.2
Version: 3.2.3
Version: 2.4.0
Version: 3.2.1
Version: 3.2.11.1
Version: 3.2.8
Version: 3.1.1
Version: 3.0.2
Version: 2.1.0
Version: 2.2.2
Version: 3.1.2
Version: 3.0.1
Version: 2.3.2
Version: 2.3.5
Version: 2.2.1
Version: 3.1.4
Version: 2.4.1
Version: 2.3.1
Version: 3.1.3
Version: 2.3.3
Version: 2.4.2
Version: 3.1.5
Version: 3.1.0
Version: 2.0.0
Version: 3.2.11.3
Version: 3.2.11.5
Version: 3.2.12.2
Version: 3.2.13.6
Version: 3.2.14
Version: 4.11.1
Version: 3.2.15
Version: 4.12.1
Version: 3.2.15.3
Version: 4.12.2
Version: 3.2.16.1
Version: 2.02
Version: 4.00
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-20342",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-27T17:19:43.762688Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-27T17:38:30.823Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Cisco Unified Computing System (Managed)",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "4.0(1a)"
            },
            {
              "status": "affected",
              "version": "3.2(3n)"
            },
            {
              "status": "affected",
              "version": "4.1(1a)"
            },
            {
              "status": "affected",
              "version": "4.1(1b)"
            },
            {
              "status": "affected",
              "version": "4.0(4h)"
            },
            {
              "status": "affected",
              "version": "4.1(1c)"
            },
            {
              "status": "affected",
              "version": "3.2(3k)"
            },
            {
              "status": "affected",
              "version": "3.2(2c)"
            },
            {
              "status": "affected",
              "version": "4.0(4e)"
            },
            {
              "status": "affected",
              "version": "4.0(4g)"
            },
            {
              "status": "affected",
              "version": "3.2(3i)"
            },
            {
              "status": "affected",
              "version": "4.0(2e)"
            },
            {
              "status": "affected",
              "version": "3.2(3g)"
            },
            {
              "status": "affected",
              "version": "4.0(4a)"
            },
            {
              "status": "affected",
              "version": "4.0(2d)"
            },
            {
              "status": "affected",
              "version": "3.2(2d)"
            },
            {
              "status": "affected",
              "version": "4.0(1b)"
            },
            {
              "status": "affected",
              "version": "4.0(4f)"
            },
            {
              "status": "affected",
              "version": "3.2(3h)"
            },
            {
              "status": "affected",
              "version": "3.2(2f)"
            },
            {
              "status": "affected",
              "version": "4.0(4c)"
            },
            {
              "status": "affected",
              "version": "3.2(3a)"
            },
            {
              "status": "affected",
              "version": "4.0(1c)"
            },
            {
              "status": "affected",
              "version": "3.2(3d)"
            },
            {
              "status": "affected",
              "version": "3.2(2b)"
            },
            {
              "status": "affected",
              "version": "4.0(4b)"
            },
            {
              "status": "affected",
              "version": "3.2(2e)"
            },
            {
              "status": "affected",
              "version": "4.0(2b)"
            },
            {
              "status": "affected",
              "version": "4.0(4d)"
            },
            {
              "status": "affected",
              "version": "3.2(1d)"
            },
            {
              "status": "affected",
              "version": "3.2(3e)"
            },
            {
              "status": "affected",
              "version": "3.2(3l)"
            },
            {
              "status": "affected",
              "version": "3.2(3b)"
            },
            {
              "status": "affected",
              "version": "4.0(2a)"
            },
            {
              "status": "affected",
              "version": "3.2(3j)"
            },
            {
              "status": "affected",
              "version": "4.0(1d)"
            },
            {
              "status": "affected",
              "version": "3.2(3o)"
            },
            {
              "status": "affected",
              "version": "4.0(4i)"
            },
            {
              "status": "affected",
              "version": "4.1(1d)"
            },
            {
              "status": "affected",
              "version": "4.1(2a)"
            },
            {
              "status": "affected",
              "version": "4.1(1e)"
            },
            {
              "status": "affected",
              "version": "3.2(3p)"
            },
            {
              "status": "affected",
              "version": "4.1(2b)"
            },
            {
              "status": "affected",
              "version": "4.0(4k)"
            },
            {
              "status": "affected",
              "version": "4.1(3a)"
            },
            {
              "status": "affected",
              "version": "4.1(3b)"
            },
            {
              "status": "affected",
              "version": "4.1(2c)"
            },
            {
              "status": "affected",
              "version": "4.0(4l)"
            },
            {
              "status": "affected",
              "version": "4.1(4a)"
            },
            {
              "status": "affected",
              "version": "4.1(3c)"
            },
            {
              "status": "affected",
              "version": "4.1(3d)"
            },
            {
              "status": "affected",
              "version": "4.2(1c)"
            },
            {
              "status": "affected",
              "version": "4.2(1d)"
            },
            {
              "status": "affected",
              "version": "4.0(4m)"
            },
            {
              "status": "affected",
              "version": "4.1(3e)"
            },
            {
              "status": "affected",
              "version": "4.2(1f)"
            },
            {
              "status": "affected",
              "version": "4.1(3f)"
            },
            {
              "status": "affected",
              "version": "4.2(1i)"
            },
            {
              "status": "affected",
              "version": "4.1(3h)"
            },
            {
              "status": "affected",
              "version": "4.2(1k)"
            },
            {
              "status": "affected",
              "version": "4.2(1l)"
            },
            {
              "status": "affected",
              "version": "4.0(4n)"
            },
            {
              "status": "affected",
              "version": "4.2(1m)"
            },
            {
              "status": "affected",
              "version": "4.1(3i)"
            },
            {
              "status": "affected",
              "version": "4.2(2a)"
            },
            {
              "status": "affected",
              "version": "4.2(1n)"
            },
            {
              "status": "affected",
              "version": "4.1(3j)"
            },
            {
              "status": "affected",
              "version": "4.2(2c)"
            },
            {
              "status": "affected",
              "version": "4.2(2d)"
            },
            {
              "status": "affected",
              "version": "4.2(3b)"
            },
            {
              "status": "affected",
              "version": "4.1(3k)"
            },
            {
              "status": "affected",
              "version": "4.0(4o)"
            },
            {
              "status": "affected",
              "version": "4.2(2e)"
            },
            {
              "status": "affected",
              "version": "4.2(3d)"
            },
            {
              "status": "affected",
              "version": "4.2(3e)"
            },
            {
              "status": "affected",
              "version": "4.2(3g)"
            },
            {
              "status": "affected",
              "version": "4.1(3l)"
            },
            {
              "status": "affected",
              "version": "4.3(2b)"
            },
            {
              "status": "affected",
              "version": "4.2(3h)"
            },
            {
              "status": "affected",
              "version": "4.2(3i)"
            },
            {
              "status": "affected",
              "version": "4.3(2c)"
            },
            {
              "status": "affected",
              "version": "4.1(3m)"
            },
            {
              "status": "affected",
              "version": "4.3(2e)"
            },
            {
              "status": "affected",
              "version": "4.3(3a)"
            },
            {
              "status": "affected",
              "version": "4.2(3j)"
            },
            {
              "status": "affected",
              "version": "4.3(3c)"
            },
            {
              "status": "affected",
              "version": "4.3(4a)"
            },
            {
              "status": "affected",
              "version": "4.2(3k)"
            },
            {
              "status": "affected",
              "version": "4.3(4b)"
            },
            {
              "status": "affected",
              "version": "4.3(4c)"
            },
            {
              "status": "affected",
              "version": "4.2(3l)"
            },
            {
              "status": "affected",
              "version": "4.3(4d)"
            },
            {
              "status": "affected",
              "version": "4.3(2f)"
            },
            {
              "status": "affected",
              "version": "4.2(3m)"
            },
            {
              "status": "affected",
              "version": "4.3(5a)"
            },
            {
              "status": "affected",
              "version": "4.3(4e)"
            },
            {
              "status": "affected",
              "version": "4.1(3n)"
            },
            {
              "status": "affected",
              "version": "4.3(4f)"
            },
            {
              "status": "affected",
              "version": "4.2(3n)"
            },
            {
              "status": "affected",
              "version": "4.3(5c)"
            },
            {
              "status": "affected",
              "version": "4.2(3o)"
            },
            {
              "status": "affected",
              "version": "4.3(5d)"
            },
            {
              "status": "affected",
              "version": "4.3(5e)"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Cisco Unified Computing System (Standalone)",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "2.0(1a)"
            },
            {
              "status": "affected",
              "version": "4.0(2g)"
            },
            {
              "status": "affected",
              "version": "2.0(13f)"
            },
            {
              "status": "affected",
              "version": "3.0(4n)"
            },
            {
              "status": "affected",
              "version": "2.0(3e)1"
            },
            {
              "status": "affected",
              "version": "3.0(3e)"
            },
            {
              "status": "affected",
              "version": "2.0(8h)"
            },
            {
              "status": "affected",
              "version": "2.0(10g)"
            },
            {
              "status": "affected",
              "version": "3.1(2i)"
            },
            {
              "status": "affected",
              "version": "3.0(3c)"
            },
            {
              "status": "affected",
              "version": "3.0(4m)"
            },
            {
              "status": "affected",
              "version": "3.1(1d)"
            },
            {
              "status": "affected",
              "version": "3.0(3a)"
            },
            {
              "status": "affected",
              "version": "3.0(1d)"
            },
            {
              "status": "affected",
              "version": "2.0(9o)"
            },
            {
              "status": "affected",
              "version": "2.0(13n)"
            },
            {
              "status": "affected",
              "version": "4.0(4i)"
            },
            {
              "status": "affected",
              "version": "4.1(1c)"
            },
            {
              "status": "affected",
              "version": "2.0(13q)"
            },
            {
              "status": "affected",
              "version": "2.0(3j)1"
            },
            {
              "status": "affected",
              "version": "4.0(2c)"
            },
            {
              "status": "affected",
              "version": "2.0(9n)"
            },
            {
              "status": "affected",
              "version": "4.0(1e)"
            },
            {
              "status": "affected",
              "version": "2.0(13o)"
            },
            {
              "status": "affected",
              "version": "2.0(6f)"
            },
            {
              "status": "affected",
              "version": "2.0(10c)"
            },
            {
              "status": "affected",
              "version": "2.0(8d)"
            },
            {
              "status": "affected",
              "version": "2.0(9m)"
            },
            {
              "status": "affected",
              "version": "4.0(2h)"
            },
            {
              "status": "affected",
              "version": "3.0(4j)"
            },
            {
              "status": "affected",
              "version": "2.0(10i)"
            },
            {
              "status": "affected",
              "version": "3.0(3f)"
            },
            {
              "status": "affected",
              "version": "2.0(10l)"
            },
            {
              "status": "affected",
              "version": "2.0(12e)"
            },
            {
              "status": "affected",
              "version": "2.0(12i)"
            },
            {
              "status": "affected",
              "version": "2.0(10h)"
            },
            {
              "status": "affected",
              "version": "2.0(13e)"
            },
            {
              "status": "affected",
              "version": "3.0(4k)"
            },
            {
              "status": "affected",
              "version": "2.0(10b)"
            },
            {
              "status": "affected",
              "version": "2.0(6d)"
            },
            {
              "status": "affected",
              "version": "2.0(12b)"
            },
            {
              "status": "affected",
              "version": "4.0(4h)"
            },
            {
              "status": "affected",
              "version": "2.0(12h)"
            },
            {
              "status": "affected",
              "version": "2.0(10f)"
            },
            {
              "status": "affected",
              "version": "3.0(4l)"
            },
            {
              "status": "affected",
              "version": "4.0(1h)"
            },
            {
              "status": "affected",
              "version": "4.0(2l)"
            },
            {
              "status": "affected",
              "version": "2.0(3i)"
            },
            {
              "status": "affected",
              "version": "2.0(3f)3"
            },
            {
              "status": "affected",
              "version": "3.0(4a)"
            },
            {
              "status": "affected",
              "version": "2.0(13p)"
            },
            {
              "status": "affected",
              "version": "2.0(9l)"
            },
            {
              "status": "affected",
              "version": "2.0(12g)"
            },
            {
              "status": "affected",
              "version": "2.0(12c)"
            },
            {
              "status": "affected",
              "version": "2.0(12f)"
            },
            {
              "status": "affected",
              "version": "2.0(13k)"
            },
            {
              "status": "affected",
              "version": "3.0(3b)"
            },
            {
              "status": "affected",
              "version": "2.0(1b)"
            },
            {
              "status": "affected",
              "version": "3.1(3g)"
            },
            {
              "status": "affected",
              "version": "2.0(4c)"
            },
            {
              "status": "affected",
              "version": "4.0(1.240)"
            },
            {
              "status": "affected",
              "version": "2.0(12d)"
            },
            {
              "status": "affected",
              "version": "4.0(2f)"
            },
            {
              "status": "affected",
              "version": "4.0(1g)"
            },
            {
              "status": "affected",
              "version": "3.0(4d)"
            },
            {
              "status": "affected",
              "version": "3.0(2b)"
            },
            {
              "status": "affected",
              "version": "2.0(3d)2"
            },
            {
              "status": "affected",
              "version": "2.0(3d)1"
            },
            {
              "status": "affected",
              "version": "2.0(9f)"
            },
            {
              "status": "affected",
              "version": "2.0(13h)"
            },
            {
              "status": "affected",
              "version": "3.0(4e)"
            },
            {
              "status": "affected",
              "version": "2.0(8g)"
            },
            {
              "status": "affected",
              "version": "4.0(2i)"
            },
            {
              "status": "affected",
              "version": "2.0(10e)"
            },
            {
              "status": "affected",
              "version": "2.0(13i)"
            },
            {
              "status": "affected",
              "version": "2.0(9c)"
            },
            {
              "status": "affected",
              "version": "2.0(4c)1"
            },
            {
              "status": "affected",
              "version": "3.0(1c)"
            },
            {
              "status": "affected",
              "version": "2.0(8e)"
            },
            {
              "status": "affected",
              "version": "2.0(9e)"
            },
            {
              "status": "affected",
              "version": "2.0(9p)"
            },
            {
              "status": "affected",
              "version": "3.1(3i)"
            },
            {
              "status": "affected",
              "version": "3.0(4i)"
            },
            {
              "status": "affected",
              "version": "2.0(10k)"
            },
            {
              "status": "affected",
              "version": "3.0(4o)"
            },
            {
              "status": "affected",
              "version": "4.0(4d)"
            },
            {
              "status": "affected",
              "version": "4.1(1d)"
            },
            {
              "status": "affected",
              "version": "3.1(3c)"
            },
            {
              "status": "affected",
              "version": "4.0(4k)"
            },
            {
              "status": "affected",
              "version": "3.1(2d)"
            },
            {
              "status": "affected",
              "version": "3.1(3a)"
            },
            {
              "status": "affected",
              "version": "3.1(3j)"
            },
            {
              "status": "affected",
              "version": "4.0(2d)"
            },
            {
              "status": "affected",
              "version": "4.1(1f)"
            },
            {
              "status": "affected",
              "version": "3.0(4p)"
            },
            {
              "status": "affected",
              "version": "4.0(1c)"
            },
            {
              "status": "affected",
              "version": "4.0(4f)"
            },
            {
              "status": "affected",
              "version": "4.0(4c)"
            },
            {
              "status": "affected",
              "version": "3.1(3d)"
            },
            {
              "status": "affected",
              "version": "3.1(2g)"
            },
            {
              "status": "affected",
              "version": "3.1(2c)"
            },
            {
              "status": "affected",
              "version": "4.0(1d)"
            },
            {
              "status": "affected",
              "version": "3.1(2e)"
            },
            {
              "status": "affected",
              "version": "4.0(1a)"
            },
            {
              "status": "affected",
              "version": "4.0(1b)"
            },
            {
              "status": "affected",
              "version": "3.1(3b)"
            },
            {
              "status": "affected",
              "version": "4.0(4b)"
            },
            {
              "status": "affected",
              "version": "3.1(2b)"
            },
            {
              "status": "affected",
              "version": "4.0(4e)"
            },
            {
              "status": "affected",
              "version": "3.1(3h)"
            },
            {
              "status": "affected",
              "version": "3.0(4q)"
            },
            {
              "status": "affected",
              "version": "4.0(4l)"
            },
            {
              "status": "affected",
              "version": "4.1(1g)"
            },
            {
              "status": "affected",
              "version": "4.1(2a)"
            },
            {
              "status": "affected",
              "version": "3.0(4r)"
            },
            {
              "status": "affected",
              "version": "4.0(2n)"
            },
            {
              "status": "affected",
              "version": "4.1(1h)"
            },
            {
              "status": "affected",
              "version": "3.1(3k)"
            },
            {
              "status": "affected",
              "version": "4.1(2b)"
            },
            {
              "status": "affected",
              "version": "4.0(2o)"
            },
            {
              "status": "affected",
              "version": "4.0(4m)"
            },
            {
              "status": "affected",
              "version": "4.1(2d)"
            },
            {
              "status": "affected",
              "version": "4.1(3b)"
            },
            {
              "status": "affected",
              "version": "4.0(2p)"
            },
            {
              "status": "affected",
              "version": "4.1(2e)"
            },
            {
              "status": "affected",
              "version": "4.1(2f)"
            },
            {
              "status": "affected",
              "version": "3.0(4s)"
            },
            {
              "status": "affected",
              "version": "4.0(4n)"
            },
            {
              "status": "affected",
              "version": "4.0(2q)"
            },
            {
              "status": "affected",
              "version": "4.1(3c)"
            },
            {
              "status": "affected",
              "version": "4.0(2r)"
            },
            {
              "status": "affected",
              "version": "4.1(3d)"
            },
            {
              "status": "affected",
              "version": "4.1(2g)"
            },
            {
              "status": "affected",
              "version": "4.1(2h)"
            },
            {
              "status": "affected",
              "version": "4.1(3f)"
            },
            {
              "status": "affected",
              "version": "4.1(2j)"
            },
            {
              "status": "affected",
              "version": "4.1(2k)"
            },
            {
              "status": "affected",
              "version": "4.1(3h)"
            },
            {
              "status": "affected",
              "version": "4.2(2a)"
            },
            {
              "status": "affected",
              "version": "4.1(3i)"
            },
            {
              "status": "affected",
              "version": "4.2(2f)"
            },
            {
              "status": "affected",
              "version": "4.2(2g)"
            },
            {
              "status": "affected",
              "version": "4.2(3b)"
            },
            {
              "status": "affected",
              "version": "4.1(3l)"
            },
            {
              "status": "affected",
              "version": "4.2(3d)"
            },
            {
              "status": "affected",
              "version": "4.3(1.230097)"
            },
            {
              "status": "affected",
              "version": "4.2(1e)"
            },
            {
              "status": "affected",
              "version": "4.2(1b)"
            },
            {
              "status": "affected",
              "version": "4.2(1j)"
            },
            {
              "status": "affected",
              "version": "4.2(1i)"
            },
            {
              "status": "affected",
              "version": "4.2(1f)"
            },
            {
              "status": "affected",
              "version": "4.2(1a)"
            },
            {
              "status": "affected",
              "version": "4.2(1c)"
            },
            {
              "status": "affected",
              "version": "4.2(1g)"
            },
            {
              "status": "affected",
              "version": "4.3(1.230124)"
            },
            {
              "status": "affected",
              "version": "4.1(2l)"
            },
            {
              "status": "affected",
              "version": "4.2(3e)"
            },
            {
              "status": "affected",
              "version": "4.3(1.230138)"
            },
            {
              "status": "affected",
              "version": "4.2(3g)"
            },
            {
              "status": "affected",
              "version": "4.3(2.230207)"
            },
            {
              "status": "affected",
              "version": "4.2(3h)"
            },
            {
              "status": "affected",
              "version": "4.2(3i)"
            },
            {
              "status": "affected",
              "version": "4.3(2.230270)"
            },
            {
              "status": "affected",
              "version": "4.1(3m)"
            },
            {
              "status": "affected",
              "version": "4.1(2m)"
            },
            {
              "status": "affected",
              "version": "4.3(2.240002)"
            },
            {
              "status": "affected",
              "version": "4.3(3.240022)"
            },
            {
              "status": "affected",
              "version": "4.2(3j)"
            },
            {
              "status": "affected",
              "version": "4.1(3n)"
            },
            {
              "status": "affected",
              "version": "4.3(2.240009)"
            },
            {
              "status": "affected",
              "version": "4.3(3.240043)"
            },
            {
              "status": "affected",
              "version": "4.3(4.240142)"
            },
            {
              "status": "affected",
              "version": "4.3(2.240037)"
            },
            {
              "status": "affected",
              "version": "4.3(2.240053)"
            },
            {
              "status": "affected",
              "version": "4.3(4.240152)"
            },
            {
              "status": "affected",
              "version": "4.2(3l)"
            },
            {
              "status": "affected",
              "version": "4.3(2.240077)"
            },
            {
              "status": "affected",
              "version": "4.3(4.242028)"
            },
            {
              "status": "affected",
              "version": "4.3(4.241063)"
            },
            {
              "status": "affected",
              "version": "4.3(4.242038)"
            },
            {
              "status": "affected",
              "version": "4.2(3m)"
            },
            {
              "status": "affected",
              "version": "4.3(2.240090)"
            },
            {
              "status": "affected",
              "version": "4.3(5.240021)"
            },
            {
              "status": "affected",
              "version": "4.3(2.240107)"
            },
            {
              "status": "affected",
              "version": "4.3(4.242066)"
            },
            {
              "status": "affected",
              "version": "4.2(3n)"
            },
            {
              "status": "affected",
              "version": "4.3(2.250016)"
            },
            {
              "status": "affected",
              "version": "4.3(2.250021)"
            },
            {
              "status": "affected",
              "version": "4.3(2.250022)"
            },
            {
              "status": "affected",
              "version": "4.3(2.250037)"
            },
            {
              "status": "affected",
              "version": "4.3(2.250045)"
            },
            {
              "status": "affected",
              "version": "4.3(4.252001)"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "Cisco Unified Computing System E-Series Software (UCSE)",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "3.2.7"
            },
            {
              "status": "affected",
              "version": "3.2.6"
            },
            {
              "status": "affected",
              "version": "3.2.4"
            },
            {
              "status": "affected",
              "version": "3.2.10"
            },
            {
              "status": "affected",
              "version": "3.2.2"
            },
            {
              "status": "affected",
              "version": "3.2.3"
            },
            {
              "status": "affected",
              "version": "2.4.0"
            },
            {
              "status": "affected",
              "version": "3.2.1"
            },
            {
              "status": "affected",
              "version": "3.2.11.1"
            },
            {
              "status": "affected",
              "version": "3.2.8"
            },
            {
              "status": "affected",
              "version": "3.1.1"
            },
            {
              "status": "affected",
              "version": "3.0.2"
            },
            {
              "status": "affected",
              "version": "2.1.0"
            },
            {
              "status": "affected",
              "version": "2.2.2"
            },
            {
              "status": "affected",
              "version": "3.1.2"
            },
            {
              "status": "affected",
              "version": "3.0.1"
            },
            {
              "status": "affected",
              "version": "2.3.2"
            },
            {
              "status": "affected",
              "version": "2.3.5"
            },
            {
              "status": "affected",
              "version": "2.2.1"
            },
            {
              "status": "affected",
              "version": "3.1.4"
            },
            {
              "status": "affected",
              "version": "2.4.1"
            },
            {
              "status": "affected",
              "version": "2.3.1"
            },
            {
              "status": "affected",
              "version": "3.1.3"
            },
            {
              "status": "affected",
              "version": "2.3.3"
            },
            {
              "status": "affected",
              "version": "2.4.2"
            },
            {
              "status": "affected",
              "version": "3.1.5"
            },
            {
              "status": "affected",
              "version": "3.1.0"
            },
            {
              "status": "affected",
              "version": "2.0.0"
            },
            {
              "status": "affected",
              "version": "3.2.11.3"
            },
            {
              "status": "affected",
              "version": "3.2.11.5"
            },
            {
              "status": "affected",
              "version": "3.2.12.2"
            },
            {
              "status": "affected",
              "version": "3.2.13.6"
            },
            {
              "status": "affected",
              "version": "3.2.14"
            },
            {
              "status": "affected",
              "version": "4.11.1"
            },
            {
              "status": "affected",
              "version": "3.2.15"
            },
            {
              "status": "affected",
              "version": "4.12.1"
            },
            {
              "status": "affected",
              "version": "3.2.15.3"
            },
            {
              "status": "affected",
              "version": "4.12.2"
            },
            {
              "status": "affected",
              "version": "3.2.16.1"
            },
            {
              "status": "affected",
              "version": "2.02"
            },
            {
              "status": "affected",
              "version": "4.00"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the Virtual Keyboard Video Monitor (vKVM) connection handling of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker with low privileges to conduct a stored cross-site scripting (XSS) attack against a user of the interface.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into a specific data field in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid user credentials with privileges that allow for vKVM access on the affected device.\r\nNote: The affected vKVM client is also included in Cisco UCS Manager."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-80",
              "description": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-27T16:23:18.618Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-ucs-kvmsxss-6h7AnUyk",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-kvmsxss-6h7AnUyk"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ucs-kvmsxss-6h7AnUyk",
        "defects": [
          "CSCwm57433"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Integrated Management Controller Virtual Keyboard Video Monitor (vKVM) Stored Cross-Site Scripting Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2025-20342",
    "datePublished": "2025-08-27T16:23:18.618Z",
    "dateReserved": "2024-10-10T19:15:13.255Z",
    "dateUpdated": "2025-08-27T17:38:30.823Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-20342\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2025-08-27T17:15:36.380\",\"lastModified\":\"2025-08-29T16:24:09.860\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the Virtual Keyboard Video Monitor (vKVM) connection handling of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker with low privileges to conduct a stored cross-site scripting (XSS) attack against a user of the interface.\\r\\n\\r\\nThis vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into a specific data field in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid user credentials with privileges that allow for vKVM access on the affected device.\\r\\nNote: The affected vKVM client is also included in Cisco UCS Manager.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en la gesti\u00f3n de la conexi\u00f3n de Virtual Keyboard Video Monitor (vKVM) de Cisco Integrated Management Controller (IMC) podr\u00eda permitir que un atacante remoto autenticado con privilegios bajos realice un ataque de cross-site scripting (XSS) almacenado contra un usuario de la interfaz. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de la entrada proporcionada por el usuario por la interfaz de administraci\u00f3n web de un sistema afectado. Un atacante podr\u00eda explotar esta vulnerabilidad inyectando c\u00f3digo malicioso en un campo de datos espec\u00edfico de la interfaz. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo de script arbitrario en el contexto de la interfaz afectada o acceder a informaci\u00f3n confidencial del navegador. Para explotar esta vulnerabilidad, el atacante debe tener credenciales de usuario v\u00e1lidas con privilegios que permitan el acceso a vKVM en el dispositivo afectado. Nota: El cliente vKVM afectado tambi\u00e9n est\u00e1 incluido en Cisco UCS Manager.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":5.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.3,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-80\"}]}],\"references\":[{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-kvmsxss-6h7AnUyk\",\"source\":\"psirt@cisco.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-20342\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-08-27T17:19:43.762688Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-08-27T17:19:46.771Z\"}}], \"cna\": {\"title\": \"Cisco Integrated Management Controller Virtual Keyboard Video Monitor (vKVM) Stored Cross-Site Scripting Vulnerability\", \"source\": {\"defects\": [\"CSCwm57433\"], \"advisory\": \"cisco-sa-ucs-kvmsxss-6h7AnUyk\", \"discovery\": \"INTERNAL\"}, \"metrics\": [{\"format\": \"cvssV3_1\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 5.4, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco Unified Computing System (Managed)\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.0(1a)\"}, {\"status\": \"affected\", \"version\": \"3.2(3n)\"}, {\"status\": \"affected\", \"version\": \"4.1(1a)\"}, {\"status\": \"affected\", \"version\": \"4.1(1b)\"}, {\"status\": \"affected\", \"version\": \"4.0(4h)\"}, {\"status\": \"affected\", \"version\": \"4.1(1c)\"}, {\"status\": \"affected\", \"version\": \"3.2(3k)\"}, {\"status\": \"affected\", \"version\": \"3.2(2c)\"}, {\"status\": \"affected\", \"version\": \"4.0(4e)\"}, {\"status\": \"affected\", \"version\": \"4.0(4g)\"}, {\"status\": \"affected\", \"version\": \"3.2(3i)\"}, {\"status\": \"affected\", \"version\": \"4.0(2e)\"}, {\"status\": \"affected\", \"version\": \"3.2(3g)\"}, {\"status\": \"affected\", \"version\": \"4.0(4a)\"}, {\"status\": \"affected\", \"version\": \"4.0(2d)\"}, {\"status\": \"affected\", \"version\": \"3.2(2d)\"}, {\"status\": \"affected\", \"version\": \"4.0(1b)\"}, {\"status\": \"affected\", \"version\": \"4.0(4f)\"}, {\"status\": \"affected\", \"version\": \"3.2(3h)\"}, {\"status\": \"affected\", \"version\": \"3.2(2f)\"}, {\"status\": \"affected\", \"version\": \"4.0(4c)\"}, {\"status\": \"affected\", \"version\": \"3.2(3a)\"}, {\"status\": \"affected\", \"version\": \"4.0(1c)\"}, {\"status\": \"affected\", \"version\": \"3.2(3d)\"}, {\"status\": \"affected\", \"version\": \"3.2(2b)\"}, {\"status\": \"affected\", \"version\": \"4.0(4b)\"}, {\"status\": \"affected\", \"version\": \"3.2(2e)\"}, {\"status\": \"affected\", \"version\": \"4.0(2b)\"}, {\"status\": \"affected\", \"version\": \"4.0(4d)\"}, {\"status\": \"affected\", \"version\": \"3.2(1d)\"}, {\"status\": \"affected\", \"version\": \"3.2(3e)\"}, {\"status\": \"affected\", \"version\": \"3.2(3l)\"}, {\"status\": \"affected\", \"version\": \"3.2(3b)\"}, {\"status\": \"affected\", \"version\": \"4.0(2a)\"}, {\"status\": \"affected\", \"version\": \"3.2(3j)\"}, {\"status\": \"affected\", \"version\": \"4.0(1d)\"}, {\"status\": \"affected\", \"version\": \"3.2(3o)\"}, {\"status\": \"affected\", \"version\": \"4.0(4i)\"}, {\"status\": \"affected\", \"version\": \"4.1(1d)\"}, {\"status\": \"affected\", \"version\": \"4.1(2a)\"}, {\"status\": \"affected\", \"version\": \"4.1(1e)\"}, {\"status\": \"affected\", \"version\": \"3.2(3p)\"}, {\"status\": \"affected\", \"version\": \"4.1(2b)\"}, {\"status\": \"affected\", \"version\": \"4.0(4k)\"}, {\"status\": \"affected\", \"version\": \"4.1(3a)\"}, {\"status\": \"affected\", \"version\": \"4.1(3b)\"}, {\"status\": \"affected\", \"version\": \"4.1(2c)\"}, {\"status\": \"affected\", \"version\": \"4.0(4l)\"}, {\"status\": \"affected\", \"version\": \"4.1(4a)\"}, {\"status\": \"affected\", \"version\": \"4.1(3c)\"}, {\"status\": \"affected\", \"version\": \"4.1(3d)\"}, {\"status\": \"affected\", \"version\": \"4.2(1c)\"}, {\"status\": \"affected\", \"version\": \"4.2(1d)\"}, {\"status\": \"affected\", \"version\": \"4.0(4m)\"}, {\"status\": \"affected\", \"version\": \"4.1(3e)\"}, {\"status\": \"affected\", \"version\": \"4.2(1f)\"}, {\"status\": \"affected\", \"version\": \"4.1(3f)\"}, {\"status\": \"affected\", \"version\": \"4.2(1i)\"}, {\"status\": \"affected\", \"version\": \"4.1(3h)\"}, {\"status\": \"affected\", \"version\": \"4.2(1k)\"}, {\"status\": \"affected\", \"version\": \"4.2(1l)\"}, {\"status\": \"affected\", \"version\": \"4.0(4n)\"}, {\"status\": \"affected\", \"version\": \"4.2(1m)\"}, {\"status\": \"affected\", \"version\": \"4.1(3i)\"}, {\"status\": \"affected\", \"version\": \"4.2(2a)\"}, {\"status\": \"affected\", \"version\": \"4.2(1n)\"}, {\"status\": \"affected\", \"version\": \"4.1(3j)\"}, {\"status\": \"affected\", \"version\": \"4.2(2c)\"}, {\"status\": \"affected\", \"version\": \"4.2(2d)\"}, {\"status\": \"affected\", \"version\": \"4.2(3b)\"}, {\"status\": \"affected\", \"version\": \"4.1(3k)\"}, {\"status\": \"affected\", \"version\": \"4.0(4o)\"}, {\"status\": \"affected\", \"version\": \"4.2(2e)\"}, {\"status\": \"affected\", \"version\": \"4.2(3d)\"}, {\"status\": \"affected\", \"version\": \"4.2(3e)\"}, {\"status\": \"affected\", \"version\": \"4.2(3g)\"}, {\"status\": \"affected\", \"version\": \"4.1(3l)\"}, {\"status\": \"affected\", \"version\": \"4.3(2b)\"}, {\"status\": \"affected\", \"version\": \"4.2(3h)\"}, {\"status\": \"affected\", \"version\": \"4.2(3i)\"}, {\"status\": \"affected\", \"version\": \"4.3(2c)\"}, {\"status\": \"affected\", \"version\": \"4.1(3m)\"}, {\"status\": \"affected\", \"version\": \"4.3(2e)\"}, {\"status\": \"affected\", \"version\": \"4.3(3a)\"}, {\"status\": \"affected\", \"version\": \"4.2(3j)\"}, {\"status\": \"affected\", \"version\": \"4.3(3c)\"}, {\"status\": \"affected\", \"version\": \"4.3(4a)\"}, {\"status\": \"affected\", \"version\": \"4.2(3k)\"}, {\"status\": \"affected\", \"version\": \"4.3(4b)\"}, {\"status\": \"affected\", \"version\": \"4.3(4c)\"}, {\"status\": \"affected\", \"version\": \"4.2(3l)\"}, {\"status\": \"affected\", \"version\": \"4.3(4d)\"}, {\"status\": \"affected\", \"version\": \"4.3(2f)\"}, {\"status\": \"affected\", \"version\": \"4.2(3m)\"}, {\"status\": \"affected\", \"version\": \"4.3(5a)\"}, {\"status\": \"affected\", \"version\": \"4.3(4e)\"}, {\"status\": \"affected\", \"version\": \"4.1(3n)\"}, {\"status\": \"affected\", \"version\": \"4.3(4f)\"}, {\"status\": \"affected\", \"version\": \"4.2(3n)\"}, {\"status\": \"affected\", \"version\": \"4.3(5c)\"}, {\"status\": \"affected\", \"version\": \"4.2(3o)\"}, {\"status\": \"affected\", \"version\": \"4.3(5d)\"}, {\"status\": \"affected\", \"version\": \"4.3(5e)\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Cisco\", \"product\": \"Cisco Unified Computing System (Standalone)\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.0(1a)\"}, {\"status\": \"affected\", \"version\": \"4.0(2g)\"}, {\"status\": \"affected\", \"version\": \"2.0(13f)\"}, {\"status\": \"affected\", \"version\": \"3.0(4n)\"}, {\"status\": \"affected\", \"version\": \"2.0(3e)1\"}, {\"status\": \"affected\", \"version\": \"3.0(3e)\"}, {\"status\": \"affected\", \"version\": \"2.0(8h)\"}, {\"status\": \"affected\", \"version\": \"2.0(10g)\"}, {\"status\": \"affected\", \"version\": \"3.1(2i)\"}, {\"status\": \"affected\", \"version\": \"3.0(3c)\"}, {\"status\": \"affected\", \"version\": \"3.0(4m)\"}, {\"status\": \"affected\", \"version\": \"3.1(1d)\"}, {\"status\": \"affected\", \"version\": \"3.0(3a)\"}, {\"status\": \"affected\", \"version\": \"3.0(1d)\"}, {\"status\": \"affected\", \"version\": \"2.0(9o)\"}, {\"status\": \"affected\", \"version\": \"2.0(13n)\"}, {\"status\": \"affected\", \"version\": \"4.0(4i)\"}, {\"status\": \"affected\", \"version\": \"4.1(1c)\"}, {\"status\": \"affected\", \"version\": \"2.0(13q)\"}, {\"status\": \"affected\", \"version\": \"2.0(3j)1\"}, {\"status\": \"affected\", \"version\": \"4.0(2c)\"}, {\"status\": \"affected\", \"version\": \"2.0(9n)\"}, {\"status\": \"affected\", \"version\": \"4.0(1e)\"}, {\"status\": \"affected\", \"version\": \"2.0(13o)\"}, {\"status\": \"affected\", \"version\": \"2.0(6f)\"}, {\"status\": \"affected\", \"version\": \"2.0(10c)\"}, {\"status\": \"affected\", \"version\": \"2.0(8d)\"}, {\"status\": \"affected\", \"version\": \"2.0(9m)\"}, {\"status\": \"affected\", \"version\": \"4.0(2h)\"}, {\"status\": \"affected\", \"version\": \"3.0(4j)\"}, {\"status\": \"affected\", \"version\": \"2.0(10i)\"}, {\"status\": \"affected\", \"version\": \"3.0(3f)\"}, {\"status\": \"affected\", \"version\": \"2.0(10l)\"}, {\"status\": \"affected\", \"version\": \"2.0(12e)\"}, {\"status\": \"affected\", \"version\": \"2.0(12i)\"}, {\"status\": \"affected\", \"version\": \"2.0(10h)\"}, {\"status\": \"affected\", \"version\": \"2.0(13e)\"}, {\"status\": \"affected\", \"version\": \"3.0(4k)\"}, {\"status\": \"affected\", \"version\": \"2.0(10b)\"}, {\"status\": \"affected\", \"version\": \"2.0(6d)\"}, {\"status\": \"affected\", \"version\": \"2.0(12b)\"}, {\"status\": \"affected\", \"version\": \"4.0(4h)\"}, {\"status\": \"affected\", \"version\": \"2.0(12h)\"}, {\"status\": \"affected\", \"version\": \"2.0(10f)\"}, {\"status\": \"affected\", \"version\": \"3.0(4l)\"}, {\"status\": \"affected\", \"version\": \"4.0(1h)\"}, {\"status\": \"affected\", \"version\": \"4.0(2l)\"}, {\"status\": \"affected\", \"version\": \"2.0(3i)\"}, {\"status\": \"affected\", \"version\": \"2.0(3f)3\"}, {\"status\": \"affected\", \"version\": \"3.0(4a)\"}, {\"status\": \"affected\", \"version\": \"2.0(13p)\"}, {\"status\": \"affected\", \"version\": \"2.0(9l)\"}, {\"status\": \"affected\", \"version\": \"2.0(12g)\"}, {\"status\": \"affected\", \"version\": \"2.0(12c)\"}, {\"status\": \"affected\", \"version\": \"2.0(12f)\"}, {\"status\": \"affected\", \"version\": \"2.0(13k)\"}, {\"status\": \"affected\", \"version\": \"3.0(3b)\"}, {\"status\": \"affected\", \"version\": \"2.0(1b)\"}, {\"status\": \"affected\", \"version\": \"3.1(3g)\"}, {\"status\": \"affected\", \"version\": \"2.0(4c)\"}, {\"status\": \"affected\", \"version\": \"4.0(1.240)\"}, {\"status\": \"affected\", \"version\": \"2.0(12d)\"}, {\"status\": \"affected\", \"version\": \"4.0(2f)\"}, {\"status\": \"affected\", \"version\": \"4.0(1g)\"}, {\"status\": \"affected\", \"version\": \"3.0(4d)\"}, {\"status\": \"affected\", \"version\": \"3.0(2b)\"}, {\"status\": \"affected\", \"version\": \"2.0(3d)2\"}, {\"status\": \"affected\", \"version\": \"2.0(3d)1\"}, {\"status\": \"affected\", \"version\": \"2.0(9f)\"}, {\"status\": \"affected\", \"version\": \"2.0(13h)\"}, {\"status\": \"affected\", \"version\": \"3.0(4e)\"}, {\"status\": \"affected\", \"version\": \"2.0(8g)\"}, {\"status\": \"affected\", \"version\": \"4.0(2i)\"}, {\"status\": \"affected\", \"version\": \"2.0(10e)\"}, {\"status\": \"affected\", \"version\": \"2.0(13i)\"}, {\"status\": \"affected\", \"version\": \"2.0(9c)\"}, {\"status\": \"affected\", \"version\": \"2.0(4c)1\"}, {\"status\": \"affected\", \"version\": \"3.0(1c)\"}, {\"status\": \"affected\", \"version\": \"2.0(8e)\"}, {\"status\": \"affected\", \"version\": \"2.0(9e)\"}, {\"status\": \"affected\", \"version\": \"2.0(9p)\"}, {\"status\": \"affected\", \"version\": \"3.1(3i)\"}, {\"status\": \"affected\", \"version\": \"3.0(4i)\"}, {\"status\": \"affected\", \"version\": \"2.0(10k)\"}, {\"status\": \"affected\", \"version\": \"3.0(4o)\"}, {\"status\": \"affected\", \"version\": \"4.0(4d)\"}, {\"status\": \"affected\", \"version\": \"4.1(1d)\"}, {\"status\": \"affected\", \"version\": \"3.1(3c)\"}, {\"status\": \"affected\", \"version\": \"4.0(4k)\"}, {\"status\": \"affected\", \"version\": \"3.1(2d)\"}, {\"status\": \"affected\", \"version\": \"3.1(3a)\"}, {\"status\": \"affected\", \"version\": \"3.1(3j)\"}, {\"status\": \"affected\", \"version\": \"4.0(2d)\"}, {\"status\": \"affected\", \"version\": \"4.1(1f)\"}, {\"status\": \"affected\", \"version\": \"3.0(4p)\"}, {\"status\": \"affected\", \"version\": \"4.0(1c)\"}, {\"status\": \"affected\", \"version\": \"4.0(4f)\"}, {\"status\": \"affected\", \"version\": \"4.0(4c)\"}, {\"status\": \"affected\", \"version\": \"3.1(3d)\"}, {\"status\": \"affected\", \"version\": \"3.1(2g)\"}, {\"status\": \"affected\", \"version\": \"3.1(2c)\"}, {\"status\": \"affected\", \"version\": \"4.0(1d)\"}, {\"status\": \"affected\", \"version\": \"3.1(2e)\"}, {\"status\": \"affected\", \"version\": \"4.0(1a)\"}, {\"status\": \"affected\", \"version\": \"4.0(1b)\"}, {\"status\": \"affected\", \"version\": \"3.1(3b)\"}, {\"status\": \"affected\", \"version\": \"4.0(4b)\"}, {\"status\": \"affected\", \"version\": \"3.1(2b)\"}, {\"status\": \"affected\", \"version\": \"4.0(4e)\"}, {\"status\": \"affected\", \"version\": \"3.1(3h)\"}, {\"status\": \"affected\", \"version\": \"3.0(4q)\"}, {\"status\": \"affected\", \"version\": \"4.0(4l)\"}, {\"status\": \"affected\", \"version\": \"4.1(1g)\"}, {\"status\": \"affected\", \"version\": \"4.1(2a)\"}, {\"status\": \"affected\", \"version\": \"3.0(4r)\"}, {\"status\": \"affected\", \"version\": \"4.0(2n)\"}, {\"status\": \"affected\", \"version\": \"4.1(1h)\"}, {\"status\": \"affected\", \"version\": \"3.1(3k)\"}, {\"status\": \"affected\", \"version\": \"4.1(2b)\"}, {\"status\": \"affected\", \"version\": \"4.0(2o)\"}, {\"status\": \"affected\", \"version\": \"4.0(4m)\"}, {\"status\": \"affected\", \"version\": \"4.1(2d)\"}, {\"status\": \"affected\", \"version\": \"4.1(3b)\"}, {\"status\": \"affected\", \"version\": \"4.0(2p)\"}, {\"status\": \"affected\", \"version\": \"4.1(2e)\"}, {\"status\": \"affected\", \"version\": \"4.1(2f)\"}, {\"status\": \"affected\", \"version\": \"3.0(4s)\"}, {\"status\": \"affected\", \"version\": \"4.0(4n)\"}, {\"status\": \"affected\", \"version\": \"4.0(2q)\"}, {\"status\": \"affected\", \"version\": \"4.1(3c)\"}, {\"status\": \"affected\", \"version\": \"4.0(2r)\"}, {\"status\": \"affected\", \"version\": \"4.1(3d)\"}, {\"status\": \"affected\", \"version\": \"4.1(2g)\"}, {\"status\": \"affected\", \"version\": \"4.1(2h)\"}, {\"status\": \"affected\", \"version\": \"4.1(3f)\"}, {\"status\": \"affected\", \"version\": \"4.1(2j)\"}, {\"status\": \"affected\", \"version\": \"4.1(2k)\"}, {\"status\": \"affected\", \"version\": \"4.1(3h)\"}, {\"status\": \"affected\", \"version\": \"4.2(2a)\"}, {\"status\": \"affected\", \"version\": \"4.1(3i)\"}, {\"status\": \"affected\", \"version\": \"4.2(2f)\"}, {\"status\": \"affected\", \"version\": \"4.2(2g)\"}, {\"status\": \"affected\", \"version\": \"4.2(3b)\"}, {\"status\": \"affected\", \"version\": \"4.1(3l)\"}, {\"status\": \"affected\", \"version\": \"4.2(3d)\"}, {\"status\": \"affected\", \"version\": \"4.3(1.230097)\"}, {\"status\": \"affected\", \"version\": \"4.2(1e)\"}, {\"status\": \"affected\", \"version\": \"4.2(1b)\"}, {\"status\": \"affected\", \"version\": \"4.2(1j)\"}, {\"status\": \"affected\", \"version\": \"4.2(1i)\"}, {\"status\": \"affected\", \"version\": \"4.2(1f)\"}, {\"status\": \"affected\", \"version\": \"4.2(1a)\"}, {\"status\": \"affected\", \"version\": \"4.2(1c)\"}, {\"status\": \"affected\", \"version\": \"4.2(1g)\"}, {\"status\": \"affected\", \"version\": \"4.3(1.230124)\"}, {\"status\": \"affected\", \"version\": \"4.1(2l)\"}, {\"status\": \"affected\", \"version\": \"4.2(3e)\"}, {\"status\": \"affected\", \"version\": \"4.3(1.230138)\"}, {\"status\": \"affected\", \"version\": \"4.2(3g)\"}, {\"status\": \"affected\", \"version\": \"4.3(2.230207)\"}, {\"status\": \"affected\", \"version\": \"4.2(3h)\"}, {\"status\": \"affected\", \"version\": \"4.2(3i)\"}, {\"status\": \"affected\", \"version\": \"4.3(2.230270)\"}, {\"status\": \"affected\", \"version\": \"4.1(3m)\"}, {\"status\": \"affected\", \"version\": \"4.1(2m)\"}, {\"status\": \"affected\", \"version\": \"4.3(2.240002)\"}, {\"status\": \"affected\", \"version\": \"4.3(3.240022)\"}, {\"status\": \"affected\", \"version\": \"4.2(3j)\"}, {\"status\": \"affected\", \"version\": \"4.1(3n)\"}, {\"status\": \"affected\", \"version\": \"4.3(2.240009)\"}, {\"status\": \"affected\", \"version\": \"4.3(3.240043)\"}, {\"status\": \"affected\", \"version\": \"4.3(4.240142)\"}, {\"status\": \"affected\", \"version\": \"4.3(2.240037)\"}, {\"status\": \"affected\", \"version\": \"4.3(2.240053)\"}, {\"status\": \"affected\", \"version\": \"4.3(4.240152)\"}, {\"status\": \"affected\", \"version\": \"4.2(3l)\"}, {\"status\": \"affected\", \"version\": \"4.3(2.240077)\"}, {\"status\": \"affected\", \"version\": \"4.3(4.242028)\"}, {\"status\": \"affected\", \"version\": \"4.3(4.241063)\"}, {\"status\": \"affected\", \"version\": \"4.3(4.242038)\"}, {\"status\": \"affected\", \"version\": \"4.2(3m)\"}, {\"status\": \"affected\", \"version\": \"4.3(2.240090)\"}, {\"status\": \"affected\", \"version\": \"4.3(5.240021)\"}, {\"status\": \"affected\", \"version\": \"4.3(2.240107)\"}, {\"status\": \"affected\", \"version\": \"4.3(4.242066)\"}, {\"status\": \"affected\", \"version\": \"4.2(3n)\"}, {\"status\": \"affected\", \"version\": \"4.3(2.250016)\"}, {\"status\": \"affected\", \"version\": \"4.3(2.250021)\"}, {\"status\": \"affected\", \"version\": \"4.3(2.250022)\"}, {\"status\": \"affected\", \"version\": \"4.3(2.250037)\"}, {\"status\": \"affected\", \"version\": \"4.3(2.250045)\"}, {\"status\": \"affected\", \"version\": \"4.3(4.252001)\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Cisco\", \"product\": \"Cisco Unified Computing System E-Series Software (UCSE)\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.2.7\"}, {\"status\": \"affected\", \"version\": \"3.2.6\"}, {\"status\": \"affected\", \"version\": \"3.2.4\"}, {\"status\": \"affected\", \"version\": \"3.2.10\"}, {\"status\": \"affected\", \"version\": \"3.2.2\"}, {\"status\": \"affected\", \"version\": \"3.2.3\"}, {\"status\": \"affected\", \"version\": \"2.4.0\"}, {\"status\": \"affected\", \"version\": \"3.2.1\"}, {\"status\": \"affected\", \"version\": \"3.2.11.1\"}, {\"status\": \"affected\", \"version\": \"3.2.8\"}, {\"status\": \"affected\", \"version\": \"3.1.1\"}, {\"status\": \"affected\", \"version\": \"3.0.2\"}, {\"status\": \"affected\", \"version\": \"2.1.0\"}, {\"status\": \"affected\", \"version\": \"2.2.2\"}, {\"status\": \"affected\", \"version\": \"3.1.2\"}, {\"status\": \"affected\", \"version\": \"3.0.1\"}, {\"status\": \"affected\", \"version\": \"2.3.2\"}, {\"status\": \"affected\", \"version\": \"2.3.5\"}, {\"status\": \"affected\", \"version\": \"2.2.1\"}, {\"status\": \"affected\", \"version\": \"3.1.4\"}, {\"status\": \"affected\", \"version\": \"2.4.1\"}, {\"status\": \"affected\", \"version\": \"2.3.1\"}, {\"status\": \"affected\", \"version\": \"3.1.3\"}, {\"status\": \"affected\", \"version\": \"2.3.3\"}, {\"status\": \"affected\", \"version\": \"2.4.2\"}, {\"status\": \"affected\", \"version\": \"3.1.5\"}, {\"status\": \"affected\", \"version\": \"3.1.0\"}, {\"status\": \"affected\", \"version\": \"2.0.0\"}, {\"status\": \"affected\", \"version\": \"3.2.11.3\"}, {\"status\": \"affected\", \"version\": \"3.2.11.5\"}, {\"status\": \"affected\", \"version\": \"3.2.12.2\"}, {\"status\": \"affected\", \"version\": \"3.2.13.6\"}, {\"status\": \"affected\", \"version\": \"3.2.14\"}, {\"status\": \"affected\", \"version\": \"4.11.1\"}, {\"status\": \"affected\", \"version\": \"3.2.15\"}, {\"status\": \"affected\", \"version\": \"4.12.1\"}, {\"status\": \"affected\", \"version\": \"3.2.15.3\"}, {\"status\": \"affected\", \"version\": \"4.12.2\"}, {\"status\": \"affected\", \"version\": \"3.2.16.1\"}, {\"status\": \"affected\", \"version\": \"2.02\"}, {\"status\": \"affected\", \"version\": \"4.00\"}], \"defaultStatus\": \"unknown\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"references\": [{\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-kvmsxss-6h7AnUyk\", \"name\": \"cisco-sa-ucs-kvmsxss-6h7AnUyk\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the Virtual Keyboard Video Monitor (vKVM) connection handling of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker with low privileges to conduct a stored cross-site scripting (XSS) attack against a user of the interface.\\r\\n\\r\\nThis vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into a specific data field in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid user credentials with privileges that allow for vKVM access on the affected device.\\r\\nNote: The affected vKVM client is also included in Cisco UCS Manager.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"cwe\", \"cweId\": \"CWE-80\", \"description\": \"Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2025-08-27T16:23:18.618Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-20342\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-08-27T17:38:30.823Z\", \"dateReserved\": \"2024-10-10T19:15:13.255Z\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2025-08-27T16:23:18.618Z\", \"assignerShortName\": \"cisco\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.


Loading…