CVE-2025-20114 (GCVE-0-2025-20114)
Vulnerability from cvelistv5 – Published: 2025-05-21 16:19 – Updated: 2025-05-22 03:55
VLAI?
Summary
A vulnerability in the API of Cisco Unified Intelligence Center could allow an authenticated, remote attacker to perform a horizontal privilege escalation attack on an affected system.
This vulnerability is due to insufficient validation of user-supplied parameters in API requests. An attacker could exploit this vulnerability by submitting crafted API requests to an affected system to execute an insecure direct object reference attack. A successful exploit could allow the attacker to access specific data that is associated with different users on the affected system.
Severity ?
4.3 (Medium)
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Unified Contact Center Express |
Affected:
10.6(1)
Affected: 10.5(1)SU1 Affected: 10.6(1)SU3 Affected: 12.0(1) Affected: 10.0(1)SU1 Affected: 10.6(1)SU1 Affected: 11.0(1)SU1 Affected: 11.5(1)SU1 Affected: 10.5(1) Affected: 11.6(1) Affected: 11.6(2) Affected: 12.5(1) Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 Affected: 12.5(1)SU3 Affected: 12.5(1)_SU03_ES01 Affected: 12.5(1)_SU03_ES02 Affected: 12.5(1)_SU02_ES03 Affected: 12.5(1)_SU02_ES04 Affected: 12.5(1)_SU02_ES02 Affected: 12.5(1)_SU01_ES02 Affected: 12.5(1)_SU01_ES03 Affected: 12.5(1)_SU02_ES01 Affected: 11.6(2)ES07 Affected: 11.6(2)ES08 Affected: 12.5(1)_SU01_ES01 Affected: 12.0(1)ES04 Affected: 12.5(1)ES02 Affected: 12.5(1)ES03 Affected: 11.6(2)ES06 Affected: 12.5(1)ES01 Affected: 12.0(1)ES03 Affected: 12.0(1)ES01 Affected: 11.6(2)ES05 Affected: 12.0(1)ES02 Affected: 11.6(2)ES04 Affected: 11.6(2)ES03 Affected: 11.6(2)ES02 Affected: 11.6(2)ES01 Affected: 10.6(1)SU3ES03 Affected: 11.0(1)SU1ES03 Affected: 10.6(1)SU3ES01 Affected: 10.5(1)SU1ES10 Affected: 10.0(1)SU1ES04 Affected: 11.5(1)SU1ES03 Affected: 11.6(1)ES02 Affected: 11.5(1)ES01 Affected: 9.0(2)SU3ES04 Affected: 10.6(1)SU2 Affected: 10.6(1)SU2ES04 Affected: 11.6(1)ES01 Affected: 10.6(1)SU3ES02 Affected: 11.5(1)SU1ES02 Affected: 11.5(1)SU1ES01 Affected: 8.5(1) Affected: 11.0(1)SU1ES02 Affected: 12.5(1)_SU03_ES03 Affected: 12.5(1)_SU03_ES04 Affected: 12.5(1)_SU03_ES05 Affected: 12.5(1)_SU03_ES06 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20114",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-21T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-22T03:55:18.609Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "10.0(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES04"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "10.0(1)SU1ES04"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "9.0(2)SU3ES04"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "8.5(1)"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES05"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES06"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Intelligence Center",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "11.0(2)"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.5(1)SU"
},
{
"status": "affected",
"version": "12.6(1)_ET"
},
{
"status": "affected",
"version": "12.6(1)_ES05_ET"
},
{
"status": "affected",
"version": "11.0(3)"
},
{
"status": "affected",
"version": "12.6(2)"
},
{
"status": "affected",
"version": "12.6(2)_504_Issue_ET"
},
{
"status": "affected",
"version": "12.6.1_ExcelIssue_ET"
},
{
"status": "affected",
"version": "12.6(2)_Permalink_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwk19536_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwm96922_ET"
},
{
"status": "affected",
"version": "12.6.2_Amq_OOS_ET"
},
{
"status": "affected",
"version": "12.5(2)ET_CSCwi79933"
},
{
"status": "affected",
"version": "12.6(2)_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwn48501_ET"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the API of Cisco Unified Intelligence Center could allow an authenticated, remote attacker to perform a horizontal privilege escalation attack on an affected system.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied parameters in API requests. An attacker could exploit this vulnerability by submitting crafted API requests to an affected system to execute an insecure direct object reference attack. A successful exploit could allow the attacker to access specific data that is associated with different users on the affected system."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-21T16:19:33.618Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cuis-priv-esc-3Pk96SU4",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cuis-priv-esc-3Pk96SU4"
}
],
"source": {
"advisory": "cisco-sa-cuis-priv-esc-3Pk96SU4",
"defects": [
"CSCwk34894"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Unified Intelligence Center Insecure Direct Object Reference Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20114",
"datePublished": "2025-05-21T16:19:33.618Z",
"dateReserved": "2024-10-10T19:15:13.210Z",
"dateUpdated": "2025-05-22T03:55:18.609Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-20114\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2025-05-21T17:15:55.810\",\"lastModified\":\"2025-07-22T14:41:40.413\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the API of Cisco Unified Intelligence Center could allow an authenticated, remote attacker to perform a horizontal privilege escalation attack on an affected system.\\r\\n\\r\\nThis vulnerability is due to insufficient validation of user-supplied parameters in API requests. An attacker could exploit this vulnerability by submitting crafted API requests to an affected system to execute an insecure direct object reference attack. A successful exploit could allow the attacker to access specific data that is associated with different users on the affected system.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en la API de Cisco Unified Intelligence Center podr\u00eda permitir que un atacante remoto autenticado realice un ataque de escalada horizontal de privilegios en un sistema afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de los par\u00e1metros proporcionados por el usuario en las solicitudes de API. Un atacante podr\u00eda explotar esta vulnerabilidad enviando solicitudes de API manipuladas a un sistema afectado para ejecutar un ataque de referencia directa a objetos inseguro. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante acceder a datos espec\u00edficos asociados a diferentes usuarios del sistema afectado.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-639\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_intelligence_center:10.5\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5601C191-19B9-4CC3-94E0-AB144A6BD02C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_intelligence_center:11.0\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D92445EF-1107-456D-8F03-44BA2A385383\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_intelligence_center:11.0\\\\(2\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F4F7BC5-E393-4C85-93ED-8F8DBD81A383\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_intelligence_center:11.0\\\\(3\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD658DE5-84D2-4527-AF25-09F31572C184\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_intelligence_center:11.5\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"060AFE51-F470-4B14-8D74-8B721129A37E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_intelligence_center:11.6\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B59061B-ED98-47C6-A8CF-41CA11500AF2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_intelligence_center:12.0\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF881F48-7268-4A06-A72B-FEE1BD58A193\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_intelligence_center:12.5\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84C52246-9E02-434A-8E41-76B21DB3F25C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_intelligence_center:12.5\\\\(1\\\\)su:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"42B2688A-4E07-4EA0-8304-E168FB672202\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_intelligence_center:12.6\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EAE9043-E488-4FBE-8A60-377F71D5D126\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_intelligence_center:12.6\\\\(1\\\\)_es05_et:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45676746-8B75-4095-A4FF-9AC34CF0E72F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_intelligence_center:12.6\\\\(1\\\\)_et:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D94589CB-61F9-474F-800A-5387FB4AEF9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_intelligence_center:12.6\\\\(2\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A136173-603C-427A-AC03-76CBB6757C92\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:8.5\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED97AAD8-D02D-42AB-863A-7538A1F6D425\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:9.0\\\\(2\\\\)su3es04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1202DE4-CA67-424E-8379-2BC13630F0C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:10.0\\\\(1\\\\)su1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31854EAF-89B5-40BB-98E7-7EBB2E867C96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:10.0\\\\(1\\\\)su1es04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE1194F1-9CF5-460E-AF26-FB7CDC1EE878\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:10.5\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C277058-F33F-4E60-AE89-658CB6558D9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:10.5\\\\(1\\\\)su1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E255206-BDDB-4F0F-9ED7-3A3ACA74EF83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:10.5\\\\(1\\\\)su1es10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE358FF2-CB8A-4E0D-926E-ED151B585E52\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:10.6\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6F83A65-F3AC-4F6B-97A3-9FC582683BCB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:10.6\\\\(1\\\\)su1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A766B903-E6DB-4838-90A7-63918C9F8AD9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:10.6\\\\(1\\\\)su2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F1F0C70-E644-4DCA-93C2-6BCB331D08E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:10.6\\\\(1\\\\)su2es04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF54B434-E765-40B1-B12A-21FC7F415ACE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:10.6\\\\(1\\\\)su3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"60839544-11E0-4381-A9AA-21D6FB403F88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:10.6\\\\(1\\\\)su3es01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D8114CF-6689-4C97-BD5D-07CC8EEF35A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:10.6\\\\(1\\\\)su3es02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D90986B-64ED-44A1-9CF1-7C9FD27555FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:10.6\\\\(1\\\\)su3es03:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"442E4715-5043-4BF7-8961-C8844A00A7B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:11.0\\\\(1\\\\)su1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0242DD9A-A5BB-4DE7-9218-7AE0FE2A65AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:11.0\\\\(1\\\\)su1es02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5002FAA-FE64-4AA7-B0D7-22084CCE0CE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:11.0\\\\(1\\\\)su1es03:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C17A2AB-33B3-4089-A701-A29A4E55D667\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:11.5\\\\(1\\\\)es01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC6FFA8B-248F-42C7-8A06-3F7E158386EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:11.5\\\\(1\\\\)su1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26A35E9A-FFFB-49AF-BA70-67F3EA54B9ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:11.5\\\\(1\\\\)su1es01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F529FE5-1DE8-43A5-88EE-0980D3A55BCF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:11.5\\\\(1\\\\)su1es02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"766350AF-1B2F-4DC0-9DA3-E17B45892163\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:11.5\\\\(1\\\\)su1es03:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"702E48CC-3858-491C-A328-5D9ADDDC8DC0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:11.6\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20CF8B80-28C0-407B-BA60-1B07694A3DFA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:11.6\\\\(1\\\\)es01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59A30F7B-9756-40BD-89C1-60E2702CC806\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:11.6\\\\(1\\\\)es02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29A15BB5-0725-4159-B387-74CFBF58F349\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:11.6\\\\(2\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82F5416D-0DF3-48BB-8A23-DBC2B0746195\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:11.6\\\\(2\\\\)es01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"908E3B03-7248-44B4-B0DE-E3B3F7FA9555\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:11.6\\\\(2\\\\)es02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1705F343-BF9D-4EBC-B833-64F03EDD7C27\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:11.6\\\\(2\\\\)es03:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"686F6450-99FC-4260-B9CE-B7F313464EFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:11.6\\\\(2\\\\)es04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93851C02-3E0A-41F1-82BB-24546A83E272\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:11.6\\\\(2\\\\)es05:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10E25C7A-42B4-40CE-A13B-0252C05FCFD5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:11.6\\\\(2\\\\)es06:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D0128C7-3FB4-42EE-B4D8-68EAAC4727A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:11.6\\\\(2\\\\)es07:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A92970B-53FD-4ED6-95BC-FDC7BB6780CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:11.6\\\\(2\\\\)es08:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE8E4137-3059-46B0-B241-2AA42A3D959E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:12.0\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30A8784D-B7A6-4F13-B89D-4ED910CC0576\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:12.0\\\\(1\\\\)es01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B368DEE7-7639-4D46-997B-2F2409712CAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:12.0\\\\(1\\\\)es02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B721320B-C72C-4550-B585-9F43439FAB25\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:12.0\\\\(1\\\\)es03:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5F18549-A002-4106-9740-6B641E0ECF8E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:12.0\\\\(1\\\\)es04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFF4AD59-6A04-4473-84E0-D99D24D99BC4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:12.5\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9715BD0-F519-462E-ACF6-859B203638D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:12.5\\\\(1\\\\)_su01_es01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB2C8F59-78F2-4E3A-8261-F4EF214F691A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:12.5\\\\(1\\\\)_su01_es02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3117461-56A5-4957-8BE0-83F44B66AE3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:12.5\\\\(1\\\\)_su01_es03:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B279AE4-9CF7-49F1-A4C3-D8A6301EF136\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:12.5\\\\(1\\\\)_su02_es01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"860ACAB6-5CB9-468C-90C4-B7C8E9559D2A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:12.5\\\\(1\\\\)_su02_es02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB2D8357-773D-492F-BC5B-F672C4D736A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:12.5\\\\(1\\\\)_su02_es03:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE0B3B5E-2C4C-473C-B7FB-F62AAC19744C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:12.5\\\\(1\\\\)_su02_es04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51D7EEFA-D04C-4769-8C62-B8B5902F79ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:12.5\\\\(1\\\\)_su03_es01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E31A16D3-3B40-42EA-BAC3-05A13082CED2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:12.5\\\\(1\\\\)_su03_es02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"21F08B08-23C1-4AD7-AD67-34D196C8470E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:12.5\\\\(1\\\\)_su03_es03:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"05AD3A80-2409-475E-87F5-430E51C53087\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:12.5\\\\(1\\\\)_su03_es04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49165652-275C-4AD9-9585-2F130989D404\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:12.5\\\\(1\\\\)_su03_es05:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4480EF1-226E-459E-B2F5-3985A219BBD5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:12.5\\\\(1\\\\)_su03_es06:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A408698-6123-4772-8D11-FE89EBB135D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:12.5\\\\(1\\\\)es01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"81728CDB-DD39-4DD9-BB82-6F2D8E3D1E2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:12.5\\\\(1\\\\)es02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80F9AF5B-3670-4910-9AD8-C1FB90C7190B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:12.5\\\\(1\\\\)es03:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78DAF852-5CA1-4D2B-948B-F0E9FB9DA973\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:12.5\\\\(1\\\\)su1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83EDDAAF-0746-4851-B7E5-60E4ED039D02\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:12.5\\\\(1\\\\)su2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FBB3406-4AD0-41B1-AFC3-3FC6E7E01B10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_contact_center_express:12.5\\\\(1\\\\)su3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6BF183D9-CDF6-44D9-B529-F13666A3EE07\"}]}]}],\"references\":[{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cuis-priv-esc-3Pk96SU4\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-20114\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-05-21T19:27:17.464312Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-21T19:27:20.462Z\"}}], \"cna\": {\"title\": \"Cisco Unified Intelligence Center Insecure Direct Object Reference Vulnerability\", \"source\": {\"defects\": [\"CSCwk34894\"], \"advisory\": \"cisco-sa-cuis-priv-esc-3Pk96SU4\", \"discovery\": \"EXTERNAL\"}, \"metrics\": [{\"format\": \"cvssV3_1\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco Unified Contact Center Express\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.6(1)\"}, {\"status\": \"affected\", \"version\": \"10.5(1)SU1\"}, {\"status\": \"affected\", \"version\": \"10.6(1)SU3\"}, {\"status\": \"affected\", \"version\": \"12.0(1)\"}, {\"status\": \"affected\", \"version\": \"10.0(1)SU1\"}, {\"status\": \"affected\", \"version\": \"10.6(1)SU1\"}, {\"status\": \"affected\", \"version\": \"11.0(1)SU1\"}, {\"status\": \"affected\", \"version\": \"11.5(1)SU1\"}, {\"status\": \"affected\", \"version\": \"10.5(1)\"}, {\"status\": \"affected\", \"version\": \"11.6(1)\"}, {\"status\": \"affected\", \"version\": \"11.6(2)\"}, {\"status\": \"affected\", \"version\": \"12.5(1)\"}, {\"status\": \"affected\", \"version\": \"12.5(1)SU1\"}, {\"status\": \"affected\", \"version\": \"12.5(1)SU2\"}, {\"status\": \"affected\", \"version\": \"12.5(1)SU3\"}, {\"status\": \"affected\", \"version\": \"12.5(1)_SU03_ES01\"}, {\"status\": \"affected\", \"version\": \"12.5(1)_SU03_ES02\"}, {\"status\": \"affected\", \"version\": \"12.5(1)_SU02_ES03\"}, {\"status\": \"affected\", \"version\": \"12.5(1)_SU02_ES04\"}, {\"status\": \"affected\", \"version\": \"12.5(1)_SU02_ES02\"}, {\"status\": \"affected\", \"version\": \"12.5(1)_SU01_ES02\"}, {\"status\": \"affected\", \"version\": \"12.5(1)_SU01_ES03\"}, {\"status\": \"affected\", \"version\": \"12.5(1)_SU02_ES01\"}, {\"status\": \"affected\", \"version\": \"11.6(2)ES07\"}, {\"status\": \"affected\", \"version\": \"11.6(2)ES08\"}, {\"status\": \"affected\", \"version\": \"12.5(1)_SU01_ES01\"}, {\"status\": \"affected\", \"version\": \"12.0(1)ES04\"}, {\"status\": \"affected\", \"version\": \"12.5(1)ES02\"}, {\"status\": \"affected\", \"version\": \"12.5(1)ES03\"}, {\"status\": \"affected\", \"version\": \"11.6(2)ES06\"}, {\"status\": \"affected\", \"version\": \"12.5(1)ES01\"}, {\"status\": \"affected\", \"version\": \"12.0(1)ES03\"}, {\"status\": \"affected\", \"version\": \"12.0(1)ES01\"}, {\"status\": \"affected\", \"version\": \"11.6(2)ES05\"}, {\"status\": \"affected\", \"version\": \"12.0(1)ES02\"}, {\"status\": \"affected\", \"version\": \"11.6(2)ES04\"}, {\"status\": \"affected\", \"version\": \"11.6(2)ES03\"}, {\"status\": \"affected\", \"version\": \"11.6(2)ES02\"}, {\"status\": \"affected\", \"version\": \"11.6(2)ES01\"}, {\"status\": \"affected\", \"version\": \"10.6(1)SU3ES03\"}, {\"status\": \"affected\", \"version\": \"11.0(1)SU1ES03\"}, {\"status\": \"affected\", \"version\": \"10.6(1)SU3ES01\"}, {\"status\": \"affected\", \"version\": \"10.5(1)SU1ES10\"}, {\"status\": \"affected\", \"version\": \"10.0(1)SU1ES04\"}, {\"status\": \"affected\", \"version\": \"11.5(1)SU1ES03\"}, {\"status\": \"affected\", \"version\": \"11.6(1)ES02\"}, {\"status\": \"affected\", \"version\": \"11.5(1)ES01\"}, {\"status\": \"affected\", \"version\": \"9.0(2)SU3ES04\"}, {\"status\": \"affected\", \"version\": \"10.6(1)SU2\"}, {\"status\": \"affected\", \"version\": \"10.6(1)SU2ES04\"}, {\"status\": \"affected\", \"version\": \"11.6(1)ES01\"}, {\"status\": \"affected\", \"version\": \"10.6(1)SU3ES02\"}, {\"status\": \"affected\", \"version\": \"11.5(1)SU1ES02\"}, {\"status\": \"affected\", \"version\": \"11.5(1)SU1ES01\"}, {\"status\": \"affected\", \"version\": \"8.5(1)\"}, {\"status\": \"affected\", \"version\": \"11.0(1)SU1ES02\"}, {\"status\": \"affected\", \"version\": \"12.5(1)_SU03_ES03\"}, {\"status\": \"affected\", \"version\": \"12.5(1)_SU03_ES04\"}, {\"status\": \"affected\", \"version\": \"12.5(1)_SU03_ES05\"}, {\"status\": \"affected\", \"version\": \"12.5(1)_SU03_ES06\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"Cisco\", \"product\": \"Cisco Unified Intelligence Center\", \"versions\": [{\"status\": \"affected\", \"version\": \"11.6(1)\"}, {\"status\": \"affected\", \"version\": \"10.5(1)\"}, {\"status\": \"affected\", \"version\": \"11.0(1)\"}, {\"status\": \"affected\", \"version\": \"11.5(1)\"}, {\"status\": \"affected\", \"version\": \"12.0(1)\"}, {\"status\": \"affected\", \"version\": \"12.5(1)\"}, {\"status\": \"affected\", \"version\": \"11.0(2)\"}, {\"status\": \"affected\", \"version\": \"12.6(1)\"}, {\"status\": \"affected\", \"version\": \"12.5(1)SU\"}, {\"status\": \"affected\", \"version\": \"12.6(1)_ET\"}, {\"status\": \"affected\", \"version\": \"12.6(1)_ES05_ET\"}, {\"status\": \"affected\", \"version\": \"11.0(3)\"}, {\"status\": \"affected\", \"version\": \"12.6(2)\"}, {\"status\": \"affected\", \"version\": \"12.6(2)_504_Issue_ET\"}, {\"status\": \"affected\", \"version\": \"12.6.1_ExcelIssue_ET\"}, {\"status\": \"affected\", \"version\": \"12.6(2)_Permalink_ET\"}, {\"status\": \"affected\", \"version\": \"12.6.2_CSCwk19536_ET\"}, {\"status\": \"affected\", \"version\": \"12.6.2_CSCwm96922_ET\"}, {\"status\": \"affected\", \"version\": \"12.6.2_Amq_OOS_ET\"}, {\"status\": \"affected\", \"version\": \"12.5(2)ET_CSCwi79933\"}, {\"status\": \"affected\", \"version\": \"12.6(2)_ET\"}, {\"status\": \"affected\", \"version\": \"12.6.2_CSCwn48501_ET\"}], \"defaultStatus\": \"unknown\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.\"}], \"references\": [{\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cuis-priv-esc-3Pk96SU4\", \"name\": \"cisco-sa-cuis-priv-esc-3Pk96SU4\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the API of Cisco Unified Intelligence Center could allow an authenticated, remote attacker to perform a horizontal privilege escalation attack on an affected system.\\r\\n\\r\\nThis vulnerability is due to insufficient validation of user-supplied parameters in API requests. An attacker could exploit this vulnerability by submitting crafted API requests to an affected system to execute an insecure direct object reference attack. A successful exploit could allow the attacker to access specific data that is associated with different users on the affected system.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"cwe\", \"cweId\": \"CWE-639\", \"description\": \"Authorization Bypass Through User-Controlled Key\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2025-05-21T16:19:33.618Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-20114\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-22T03:55:18.609Z\", \"dateReserved\": \"2024-10-10T19:15:13.210Z\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2025-05-21T16:19:33.618Z\", \"assignerShortName\": \"cisco\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…