{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T17:12:53.015","vulnerabilities":[{"cve":{"id":"CVE-2025-20126","sourceIdentifier":"psirt@cisco.com","published":"2025-01-08T16:15:38.357","lastModified":"2025-07-22T15:33:29.487","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in certification validation routines of Cisco ThousandEyes Endpoint Agent for macOS and RoomOS could allow an unauthenticated, remote attacker to intercept or manipulate metrics information.\r\n\r\nThis vulnerability exists because the affected software does not properly validate certificates for hosted metrics services. An on-path attacker could exploit this vulnerability by intercepting network traffic using a crafted certificate. A successful exploit could allow the attacker to masquerade as a trusted host and monitor or change communications between the remote metrics service and the vulnerable client."},{"lang":"es","value":"Una vulnerabilidad en certification validation routines de Cisco ThousandEyes Endpoint Agent para macOS y RoomOS podría permitir que un atacante remoto no autenticado intercepte o manipule la información de métricas. Esta vulnerabilidad existe porque el software afectado no valida correctamente los certificados para los servicios de métricas alojados. Un atacante en ruta podría aprovechar esta vulnerabilidad interceptando el tráfico de red mediante un certificado manipulado. Una explotación exitosa podría permitir al atacante hacerse pasar por un host confiable y monitorear o cambiar las comunicaciones entre el servicio de métricas remoto y el cliente vulnerable."}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":2.5}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-295"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:thousandeyes_endpoint_agent:*:*:*:*:*:*:*:*","versionEndExcluding":"1.206.3","matchCriteriaId":"750FAF96-CB1C-4594-ADAD-1759E2814248"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:thousandeyes_endpoint_agent:*:*:*:*:*:*:*:*","versionEndExcluding":"1.207.2","matchCriteriaId":"68F80C79-AA52-457E-806A-92B049076693"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:cisco:roomos:-:*:*:*:*:*:*:*","matchCriteriaId":"8F10D2C6-D629-45E1-966F-AB9EAB4EDB03"}]}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-thousandeyes-cert-pqtJUv9N","source":"psirt@cisco.com","tags":["Vendor Advisory"]}]}}]}