CVE-2025-20345
BaseFortify
Publication date: 2025-08-20
Last updated on: 2025-08-22
Assigner: Cisco Systems, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| cisco | duo_authentication_proxy | 6.5.1 |
| cisco | duo_authentication_proxy | 5.8.2 |
| cisco | duo_authentication_proxy | 6.5.2 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-200 | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the debug logging function of Cisco Duo Authentication Proxy. It allows an authenticated, high-privileged, remote attacker to view sensitive information because the system does not properly mask sensitive data before writing it to log files. An attacker who can access these logs could see information that should be protected.
How can this vulnerability impact me? :
The vulnerability could allow an attacker with high privileges to access sensitive information from system log files, potentially exposing confidential data. This could lead to unauthorized disclosure of sensitive information, which may compromise system security or privacy.