CVE-2025-20113

HIGH7.1

Description

A vulnerability in Cisco Unified Intelligence Center could allow an authenticated, remote attacker to elevate privileges to Administrator for a limited set of functions on an affected system. This vulnerability is due to insufficient server-side validation of user-supplied parameters in API or HTTP requests. An attacker could exploit this vulnerability by submitting a crafted API or HTTP request to an affected system. A successful exploit could allow the attacker to access, modify, or delete data beyond the sphere of their intended access level, including obtaining potentially sensitive information stored in the system.

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

Low

Availability

None

Affected products

Cisco / Cisco Unified Contact Center Express10.6(1) – 10.6(1)
Cisco / Cisco Unified Contact Center Express10.5(1)SU1 – 10.5(1)SU1
Cisco / Cisco Unified Contact Center Express10.6(1)SU3 – 10.6(1)SU3
Cisco / Cisco Unified Contact Center Express12.0(1) – 12.0(1)
Cisco / Cisco Unified Contact Center Express10.0(1)SU1 – 10.0(1)SU1
Cisco / Cisco Unified Contact Center Express10.6(1)SU1 – 10.6(1)SU1
Cisco / Cisco Unified Contact Center Express11.0(1)SU1 – 11.0(1)SU1
Cisco / Cisco Unified Contact Center Express11.5(1)SU1 – 11.5(1)SU1
Cisco / Cisco Unified Contact Center Express10.5(1) – 10.5(1)
Cisco / Cisco Unified Contact Center Express11.6(1) – 11.6(1)
Cisco / Cisco Unified Contact Center Express11.6(2) – 11.6(2)
Cisco / Cisco Unified Contact Center Express12.5(1) – 12.5(1)
Cisco / Cisco Unified Contact Center Express12.5(1)SU1 – 12.5(1)SU1
Cisco / Cisco Unified Contact Center Express12.5(1)SU2 – 12.5(1)SU2
Cisco / Cisco Unified Contact Center Express12.5(1)SU3 – 12.5(1)SU3
Cisco / Cisco Unified Contact Center Express12.5(1)_SU03_ES01 – 12.5(1)_SU03_ES01
Cisco / Cisco Unified Contact Center Express12.5(1)_SU03_ES02 – 12.5(1)_SU03_ES02
Cisco / Cisco Unified Contact Center Express12.5(1)_SU02_ES03 – 12.5(1)_SU02_ES03
Cisco / Cisco Unified Contact Center Express12.5(1)_SU02_ES04 – 12.5(1)_SU02_ES04
Cisco / Cisco Unified Contact Center Express12.5(1)_SU02_ES02 – 12.5(1)_SU02_ES02
Cisco / Cisco Unified Contact Center Express12.5(1)_SU01_ES02 – 12.5(1)_SU01_ES02
Cisco / Cisco Unified Contact Center Express12.5(1)_SU01_ES03 – 12.5(1)_SU01_ES03
Cisco / Cisco Unified Contact Center Express12.5(1)_SU02_ES01 – 12.5(1)_SU02_ES01
Cisco / Cisco Unified Contact Center Express11.6(2)ES07 – 11.6(2)ES07
Cisco / Cisco Unified Contact Center Express11.6(2)ES08 – 11.6(2)ES08
Cisco / Cisco Unified Contact Center Express12.5(1)_SU01_ES01 – 12.5(1)_SU01_ES01
Cisco / Cisco Unified Contact Center Express12.0(1)ES04 – 12.0(1)ES04
Cisco / Cisco Unified Contact Center Express12.5(1)ES02 – 12.5(1)ES02
Cisco / Cisco Unified Contact Center Express12.5(1)ES03 – 12.5(1)ES03
Cisco / Cisco Unified Contact Center Express11.6(2)ES06 – 11.6(2)ES06
Cisco / Cisco Unified Contact Center Express12.5(1)ES01 – 12.5(1)ES01
Cisco / Cisco Unified Contact Center Express12.0(1)ES03 – 12.0(1)ES03
Cisco / Cisco Unified Contact Center Express12.0(1)ES01 – 12.0(1)ES01
Cisco / Cisco Unified Contact Center Express11.6(2)ES05 – 11.6(2)ES05
Cisco / Cisco Unified Contact Center Express12.0(1)ES02 – 12.0(1)ES02
Cisco / Cisco Unified Contact Center Express11.6(2)ES04 – 11.6(2)ES04
Cisco / Cisco Unified Contact Center Express11.6(2)ES03 – 11.6(2)ES03
Cisco / Cisco Unified Contact Center Express11.6(2)ES02 – 11.6(2)ES02
Cisco / Cisco Unified Contact Center Express11.6(2)ES01 – 11.6(2)ES01
Cisco / Cisco Unified Contact Center Express10.6(1)SU3ES03 – 10.6(1)SU3ES03
Cisco / Cisco Unified Contact Center Express11.0(1)SU1ES03 – 11.0(1)SU1ES03
Cisco / Cisco Unified Contact Center Express10.6(1)SU3ES01 – 10.6(1)SU3ES01
Cisco / Cisco Unified Contact Center Express10.5(1)SU1ES10 – 10.5(1)SU1ES10
Cisco / Cisco Unified Contact Center Express10.0(1)SU1ES04 – 10.0(1)SU1ES04
Cisco / Cisco Unified Contact Center Express11.5(1)SU1ES03 – 11.5(1)SU1ES03
Cisco / Cisco Unified Contact Center Express11.6(1)ES02 – 11.6(1)ES02
Cisco / Cisco Unified Contact Center Express11.5(1)ES01 – 11.5(1)ES01
Cisco / Cisco Unified Contact Center Express9.0(2)SU3ES04 – 9.0(2)SU3ES04
Cisco / Cisco Unified Contact Center Express10.6(1)SU2 – 10.6(1)SU2
Cisco / Cisco Unified Contact Center Express10.6(1)SU2ES04 – 10.6(1)SU2ES04
Cisco / Cisco Unified Contact Center Express11.6(1)ES01 – 11.6(1)ES01
Cisco / Cisco Unified Contact Center Express10.6(1)SU3ES02 – 10.6(1)SU3ES02
Cisco / Cisco Unified Contact Center Express11.5(1)SU1ES02 – 11.5(1)SU1ES02
Cisco / Cisco Unified Contact Center Express11.5(1)SU1ES01 – 11.5(1)SU1ES01
Cisco / Cisco Unified Contact Center Express8.5(1) – 8.5(1)
Cisco / Cisco Unified Contact Center Express11.0(1)SU1ES02 – 11.0(1)SU1ES02
Cisco / Cisco Unified Contact Center Express12.5(1)_SU03_ES03 – 12.5(1)_SU03_ES03
Cisco / Cisco Unified Contact Center Express12.5(1)_SU03_ES04 – 12.5(1)_SU03_ES04
Cisco / Cisco Unified Contact Center Express12.5(1)_SU03_ES05 – 12.5(1)_SU03_ES05
Cisco / Cisco Unified Contact Center Express12.5(1)_SU03_ES06 – 12.5(1)_SU03_ES06
Cisco / Cisco Unified Intelligence Center11.6(1) – 11.6(1)
Cisco / Cisco Unified Intelligence Center10.5(1) – 10.5(1)
Cisco / Cisco Unified Intelligence Center11.0(1) – 11.0(1)
Cisco / Cisco Unified Intelligence Center11.5(1) – 11.5(1)
Cisco / Cisco Unified Intelligence Center12.0(1) – 12.0(1)
Cisco / Cisco Unified Intelligence Center12.5(1) – 12.5(1)
Cisco / Cisco Unified Intelligence Center11.0(2) – 11.0(2)
Cisco / Cisco Unified Intelligence Center12.6(1) – 12.6(1)
Cisco / Cisco Unified Intelligence Center12.5(1)SU – 12.5(1)SU
Cisco / Cisco Unified Intelligence Center12.6(1)_ET – 12.6(1)_ET
Cisco / Cisco Unified Intelligence Center12.6(1)_ES05_ET – 12.6(1)_ES05_ET
Cisco / Cisco Unified Intelligence Center11.0(3) – 11.0(3)
Cisco / Cisco Unified Intelligence Center12.6(2) – 12.6(2)
Cisco / Cisco Unified Intelligence Center12.6(2)_504_Issue_ET – 12.6(2)_504_Issue_ET
Cisco / Cisco Unified Intelligence Center12.6.1_ExcelIssue_ET – 12.6.1_ExcelIssue_ET
Cisco / Cisco Unified Intelligence Center12.6(2)_Permalink_ET – 12.6(2)_Permalink_ET
Cisco / Cisco Unified Intelligence Center12.6.2_CSCwk19536_ET – 12.6.2_CSCwk19536_ET
Cisco / Cisco Unified Intelligence Center12.6.2_CSCwm96922_ET – 12.6.2_CSCwm96922_ET
Cisco / Cisco Unified Intelligence Center12.5(2)ET_CSCwi79933 – 12.5(2)ET_CSCwi79933
Cisco / Cisco Unified Intelligence Center12.6.2_CSCwn48501_ET – 12.6.2_CSCwn48501_ET

References

VENDOR_ADVISORYhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cuis-priv-esc-3Pk96SU4