A vulnerability in certification validation routines of Cisco ThousandEyes Endpoint Agent for macOS and RoomOS could allow an unauthenticated, remote attacker to intercept or manipulate metrics information. This vulnerability exists because the affected software does not properly validate certificates for hosted metrics services. An on-path attacker could exploit this vulnerability by intercepting network traffic using a crafted certificate. A successful exploit could allow the attacker to masquerade as a trusted host and monitor or change communications between the remote metrics service and the vulnerable client.
History

Wed, 08 Jan 2025 21:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 08 Jan 2025 19:45:00 +0000


Wed, 08 Jan 2025 16:15:00 +0000

Type Values Removed Values Added
Description A vulnerability in certification validation routines of Cisco ThousandEyes Endpoint Agent for macOS and RoomOS could allow an unauthenticated, remote attacker to intercept or manipulate metrics information. This vulnerability exists because the affected software does not properly validate certificates for hosted metrics services. An on-path attacker could exploit this vulnerability by intercepting network traffic using a crafted certificate. A successful exploit could allow the attacker to masquerade as a trusted host and monitor or change communications between the remote metrics service and the vulnerable client.
Title Cisco ThousandEyes Endpoint Agent Certificate Validation Vulnerability
Weaknesses CWE-295
References
Metrics cvssV3_1

{'score': 4.8, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2025-01-08T16:09:46.465Z

Updated: 2025-01-13T22:24:43.145Z

Reserved: 2024-10-10T19:15:13.212Z

Link: CVE-2025-20126

cve-icon Vulnrichment

Updated: 2025-01-08T20:25:39.747Z

cve-icon NVD

Status : Received

Published: 2025-01-08T16:15:38.357

Modified: 2025-01-08T19:15:38.553

Link: CVE-2025-20126

cve-icon Redhat

No data.