fkie_cve-2025-20113
Vulnerability from fkie_nvd
Published
2025-05-21 17:15
Modified
2025-07-22 14:41
Severity ?
7.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
Summary
A vulnerability in Cisco Unified Intelligence Center could allow an authenticated, remote attacker to elevate privileges to Administrator for a limited set of functions on an affected system. This vulnerability is due to insufficient server-side validation of user-supplied parameters in API or HTTP requests. An attacker could exploit this vulnerability by submitting a crafted API or HTTP request to an affected system. A successful exploit could allow the attacker to access, modify, or delete data beyond the sphere of their intended access level, including obtaining potentially sensitive information stored in the system.
References
psirt@cisco.comhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cuis-priv-esc-3Pk96SU4Vendor Advisory
Impacted products
Vendor Product Version
cisco unified_intelligence_center 10.5\(1\)
cisco unified_intelligence_center 11.0\(1\)
cisco unified_intelligence_center 11.0\(2\)
cisco unified_intelligence_center 11.0\(3\)
cisco unified_intelligence_center 11.5\(1\)
cisco unified_intelligence_center 11.6\(1\)
cisco unified_intelligence_center 12.0\(1\)
cisco unified_intelligence_center 12.5\(1\)
cisco unified_intelligence_center 12.5\(1\)su
cisco unified_intelligence_center 12.6\(1\)
cisco unified_intelligence_center 12.6\(1\)_es05_et
cisco unified_intelligence_center 12.6\(1\)_et
cisco unified_intelligence_center 12.6\(2\)
cisco unified_contact_center_express 8.5\(1\)
cisco unified_contact_center_express 9.0\(2\)su3es04
cisco unified_contact_center_express 10.0\(1\)su1
cisco unified_contact_center_express 10.0\(1\)su1es04
cisco unified_contact_center_express 10.5\(1\)
cisco unified_contact_center_express 10.5\(1\)su1
cisco unified_contact_center_express 10.5\(1\)su1es10
cisco unified_contact_center_express 10.6\(1\)
cisco unified_contact_center_express 10.6\(1\)su1
cisco unified_contact_center_express 10.6\(1\)su2
cisco unified_contact_center_express 10.6\(1\)su2es04
cisco unified_contact_center_express 10.6\(1\)su3
cisco unified_contact_center_express 10.6\(1\)su3es01
cisco unified_contact_center_express 10.6\(1\)su3es02
cisco unified_contact_center_express 10.6\(1\)su3es03
cisco unified_contact_center_express 11.0\(1\)su1
cisco unified_contact_center_express 11.0\(1\)su1es02
cisco unified_contact_center_express 11.0\(1\)su1es03
cisco unified_contact_center_express 11.5\(1\)es01
cisco unified_contact_center_express 11.5\(1\)su1
cisco unified_contact_center_express 11.5\(1\)su1es01
cisco unified_contact_center_express 11.5\(1\)su1es02
cisco unified_contact_center_express 11.5\(1\)su1es03
cisco unified_contact_center_express 11.6\(1\)
cisco unified_contact_center_express 11.6\(1\)es01
cisco unified_contact_center_express 11.6\(1\)es02
cisco unified_contact_center_express 11.6\(2\)
cisco unified_contact_center_express 11.6\(2\)es01
cisco unified_contact_center_express 11.6\(2\)es02
cisco unified_contact_center_express 11.6\(2\)es03
cisco unified_contact_center_express 11.6\(2\)es04
cisco unified_contact_center_express 11.6\(2\)es05
cisco unified_contact_center_express 11.6\(2\)es06
cisco unified_contact_center_express 11.6\(2\)es07
cisco unified_contact_center_express 11.6\(2\)es08
cisco unified_contact_center_express 12.0\(1\)
cisco unified_contact_center_express 12.0\(1\)es01
cisco unified_contact_center_express 12.0\(1\)es02
cisco unified_contact_center_express 12.0\(1\)es03
cisco unified_contact_center_express 12.0\(1\)es04
cisco unified_contact_center_express 12.5\(1\)
cisco unified_contact_center_express 12.5\(1\)_su01_es01
cisco unified_contact_center_express 12.5\(1\)_su01_es02
cisco unified_contact_center_express 12.5\(1\)_su01_es03
cisco unified_contact_center_express 12.5\(1\)_su02_es01
cisco unified_contact_center_express 12.5\(1\)_su02_es02
cisco unified_contact_center_express 12.5\(1\)_su02_es03
cisco unified_contact_center_express 12.5\(1\)_su02_es04
cisco unified_contact_center_express 12.5\(1\)_su03_es01
cisco unified_contact_center_express 12.5\(1\)_su03_es02
cisco unified_contact_center_express 12.5\(1\)_su03_es03
cisco unified_contact_center_express 12.5\(1\)_su03_es04
cisco unified_contact_center_express 12.5\(1\)_su03_es05
cisco unified_contact_center_express 12.5\(1\)_su03_es06
cisco unified_contact_center_express 12.5\(1\)es01
cisco unified_contact_center_express 12.5\(1\)es02
cisco unified_contact_center_express 12.5\(1\)es03
cisco unified_contact_center_express 12.5\(1\)su1
cisco unified_contact_center_express 12.5\(1\)su2
cisco unified_contact_center_express 12.5\(1\)su3


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:unified_intelligence_center:10.5\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "5601C191-19B9-4CC3-94E0-AB144A6BD02C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_intelligence_center:11.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D92445EF-1107-456D-8F03-44BA2A385383",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_intelligence_center:11.0\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "2F4F7BC5-E393-4C85-93ED-8F8DBD81A383",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_intelligence_center:11.0\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "BD658DE5-84D2-4527-AF25-09F31572C184",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_intelligence_center:11.5\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "060AFE51-F470-4B14-8D74-8B721129A37E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_intelligence_center:11.6\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "7B59061B-ED98-47C6-A8CF-41CA11500AF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_intelligence_center:12.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "DF881F48-7268-4A06-A72B-FEE1BD58A193",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_intelligence_center:12.5\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "84C52246-9E02-434A-8E41-76B21DB3F25C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_intelligence_center:12.5\\(1\\)su:*:*:*:*:*:*:*",
              "matchCriteriaId": "42B2688A-4E07-4EA0-8304-E168FB672202",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "0EAE9043-E488-4FBE-8A60-377F71D5D126",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(1\\)_es05_et:*:*:*:*:*:*:*",
              "matchCriteriaId": "45676746-8B75-4095-A4FF-9AC34CF0E72F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(1\\)_et:*:*:*:*:*:*:*",
              "matchCriteriaId": "D94589CB-61F9-474F-800A-5387FB4AEF9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "0A136173-603C-427A-AC03-76CBB6757C92",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:8.5\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "ED97AAD8-D02D-42AB-863A-7538A1F6D425",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:9.0\\(2\\)su3es04:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1202DE4-CA67-424E-8379-2BC13630F0C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.0\\(1\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "31854EAF-89B5-40BB-98E7-7EBB2E867C96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.0\\(1\\)su1es04:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE1194F1-9CF5-460E-AF26-FB7CDC1EE878",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.5\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1C277058-F33F-4E60-AE89-658CB6558D9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.5\\(1\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E255206-BDDB-4F0F-9ED7-3A3ACA74EF83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.5\\(1\\)su1es10:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE358FF2-CB8A-4E0D-926E-ED151B585E52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D6F83A65-F3AC-4F6B-97A3-9FC582683BCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A766B903-E6DB-4838-90A7-63918C9F8AD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F1F0C70-E644-4DCA-93C2-6BCB331D08E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su2es04:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF54B434-E765-40B1-B12A-21FC7F415ACE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su3:*:*:*:*:*:*:*",
              "matchCriteriaId": "60839544-11E0-4381-A9AA-21D6FB403F88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su3es01:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D8114CF-6689-4C97-BD5D-07CC8EEF35A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su3es02:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D90986B-64ED-44A1-9CF1-7C9FD27555FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su3es03:*:*:*:*:*:*:*",
              "matchCriteriaId": "442E4715-5043-4BF7-8961-C8844A00A7B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.0\\(1\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0242DD9A-A5BB-4DE7-9218-7AE0FE2A65AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.0\\(1\\)su1es02:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5002FAA-FE64-4AA7-B0D7-22084CCE0CE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.0\\(1\\)su1es03:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C17A2AB-33B3-4089-A701-A29A4E55D667",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.5\\(1\\)es01:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC6FFA8B-248F-42C7-8A06-3F7E158386EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.5\\(1\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26A35E9A-FFFB-49AF-BA70-67F3EA54B9ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.5\\(1\\)su1es01:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F529FE5-1DE8-43A5-88EE-0980D3A55BCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.5\\(1\\)su1es02:*:*:*:*:*:*:*",
              "matchCriteriaId": "766350AF-1B2F-4DC0-9DA3-E17B45892163",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.5\\(1\\)su1es03:*:*:*:*:*:*:*",
              "matchCriteriaId": "702E48CC-3858-491C-A328-5D9ADDDC8DC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "20CF8B80-28C0-407B-BA60-1B07694A3DFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(1\\)es01:*:*:*:*:*:*:*",
              "matchCriteriaId": "59A30F7B-9756-40BD-89C1-60E2702CC806",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(1\\)es02:*:*:*:*:*:*:*",
              "matchCriteriaId": "29A15BB5-0725-4159-B387-74CFBF58F349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "82F5416D-0DF3-48BB-8A23-DBC2B0746195",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es01:*:*:*:*:*:*:*",
              "matchCriteriaId": "908E3B03-7248-44B4-B0DE-E3B3F7FA9555",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es02:*:*:*:*:*:*:*",
              "matchCriteriaId": "1705F343-BF9D-4EBC-B833-64F03EDD7C27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es03:*:*:*:*:*:*:*",
              "matchCriteriaId": "686F6450-99FC-4260-B9CE-B7F313464EFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es04:*:*:*:*:*:*:*",
              "matchCriteriaId": "93851C02-3E0A-41F1-82BB-24546A83E272",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es05:*:*:*:*:*:*:*",
              "matchCriteriaId": "10E25C7A-42B4-40CE-A13B-0252C05FCFD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es06:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D0128C7-3FB4-42EE-B4D8-68EAAC4727A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es07:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A92970B-53FD-4ED6-95BC-FDC7BB6780CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es08:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE8E4137-3059-46B0-B241-2AA42A3D959E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "30A8784D-B7A6-4F13-B89D-4ED910CC0576",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.0\\(1\\)es01:*:*:*:*:*:*:*",
              "matchCriteriaId": "B368DEE7-7639-4D46-997B-2F2409712CAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.0\\(1\\)es02:*:*:*:*:*:*:*",
              "matchCriteriaId": "B721320B-C72C-4550-B585-9F43439FAB25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.0\\(1\\)es03:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5F18549-A002-4106-9740-6B641E0ECF8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.0\\(1\\)es04:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFF4AD59-6A04-4473-84E0-D99D24D99BC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A9715BD0-F519-462E-ACF6-859B203638D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su01_es01:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB2C8F59-78F2-4E3A-8261-F4EF214F691A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su01_es02:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3117461-56A5-4957-8BE0-83F44B66AE3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su01_es03:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B279AE4-9CF7-49F1-A4C3-D8A6301EF136",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su02_es01:*:*:*:*:*:*:*",
              "matchCriteriaId": "860ACAB6-5CB9-468C-90C4-B7C8E9559D2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su02_es02:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB2D8357-773D-492F-BC5B-F672C4D736A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su02_es03:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE0B3B5E-2C4C-473C-B7FB-F62AAC19744C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su02_es04:*:*:*:*:*:*:*",
              "matchCriteriaId": "51D7EEFA-D04C-4769-8C62-B8B5902F79ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es01:*:*:*:*:*:*:*",
              "matchCriteriaId": "E31A16D3-3B40-42EA-BAC3-05A13082CED2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es02:*:*:*:*:*:*:*",
              "matchCriteriaId": "21F08B08-23C1-4AD7-AD67-34D196C8470E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es03:*:*:*:*:*:*:*",
              "matchCriteriaId": "05AD3A80-2409-475E-87F5-430E51C53087",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es04:*:*:*:*:*:*:*",
              "matchCriteriaId": "49165652-275C-4AD9-9585-2F130989D404",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es05:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4480EF1-226E-459E-B2F5-3985A219BBD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es06:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A408698-6123-4772-8D11-FE89EBB135D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)es01:*:*:*:*:*:*:*",
              "matchCriteriaId": "81728CDB-DD39-4DD9-BB82-6F2D8E3D1E2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)es02:*:*:*:*:*:*:*",
              "matchCriteriaId": "80F9AF5B-3670-4910-9AD8-C1FB90C7190B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)es03:*:*:*:*:*:*:*",
              "matchCriteriaId": "78DAF852-5CA1-4D2B-948B-F0E9FB9DA973",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "83EDDAAF-0746-4851-B7E5-60E4ED039D02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)su2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FBB3406-4AD0-41B1-AFC3-3FC6E7E01B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)su3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BF183D9-CDF6-44D9-B529-F13666A3EE07",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in Cisco Unified Intelligence Center could allow an authenticated, remote attacker to elevate privileges to Administrator for a limited set of functions on an affected system.\r\n\r\nThis vulnerability is due to insufficient server-side validation of user-supplied parameters in API or HTTP requests. An attacker could exploit this vulnerability by submitting a crafted API or HTTP request to an affected system. A successful exploit could allow the attacker to access, modify, or delete data beyond the sphere of their intended access level, including obtaining potentially sensitive information stored in the system."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en Cisco Unified Intelligence Center podr\u00eda permitir que un atacante remoto autenticado eleve privilegios a Administrador para un conjunto limitado de funciones en un sistema afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente del lado del servidor de los par\u00e1metros proporcionados por el usuario en las solicitudes API o HTTP. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una solicitud API o HTTP manipulada a un sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante acceder, modificar o eliminar datos m\u00e1s all\u00e1 del \u00e1mbito de su nivel de acceso previsto, incluyendo la obtenci\u00f3n de informaci\u00f3n potencialmente confidencial almacenada en el sistema."
    }
  ],
  "id": "CVE-2025-20113",
  "lastModified": "2025-07-22T14:41:12.307",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 4.2,
        "source": "psirt@cisco.com",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-05-21T17:15:55.620",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cuis-priv-esc-3Pk96SU4"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-602"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.