FKIE_CVE-2025-20129

Vulnerability from fkie_nvd - Published: 2025-06-04 17:15 - Updated: 2025-08-01 15:08
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Summary
A vulnerability in the web-based chat interface of Cisco Customer Collaboration Platform (CCP), formerly Cisco SocialMiner, could allow an unauthenticated, remote attacker to persuade users to disclose sensitive data. This vulnerability is due to improper sanitization of HTTP requests that are sent to the web-based chat interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to the chat interface of a targeted user on a vulnerable server. A successful exploit could allow the attacker to redirect chat traffic to a server that is under their control, resulting in sensitive information being redirected to the attacker.
References
psirt@cisco.comhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ccp-info-disc-ZyGerQpdVendor Advisory
Impacted products
Vendor Product Version
cisco socialminer 10.5\(1\)
cisco socialminer 10.6\(1\)
cisco socialminer 10.6\(2\)
cisco socialminer 11.0\(1\)
cisco socialminer 11.5\(1\)
cisco socialminer 11.5\(1\)su1
cisco socialminer 11.6\(1\)
cisco socialminer 11.6\(2\)
cisco socialminer 12.0\(1\)
cisco socialminer 12.0\(1\)es02
cisco socialminer 12.0\(1\)es03
cisco socialminer 12.0\(1\)es04
cisco socialminer 12.5\(1\)
cisco socialminer 12.5\(1\)es01
cisco socialminer 12.5\(1\)su1
cisco socialminer 12.5\(1\)su2
cisco socialminer 12.5\(1\)su3
cisco unified_contact_center_express 8.5\(1\)
cisco unified_contact_center_express 9.0\(2\)su3es04
cisco unified_contact_center_express 10.0\(1\)su1
cisco unified_contact_center_express 10.0\(1\)su1es04
cisco unified_contact_center_express 10.5\(1\)
cisco unified_contact_center_express 10.5\(1\)su1
cisco unified_contact_center_express 10.5\(1\)su1es10
cisco unified_contact_center_express 10.6\(1\)
cisco unified_contact_center_express 10.6\(1\)su1
cisco unified_contact_center_express 10.6\(1\)su2
cisco unified_contact_center_express 10.6\(1\)su2es04
cisco unified_contact_center_express 10.6\(1\)su3
cisco unified_contact_center_express 10.6\(1\)su3es01
cisco unified_contact_center_express 10.6\(1\)su3es02
cisco unified_contact_center_express 10.6\(1\)su3es03
cisco unified_contact_center_express 11.0\(1\)su1
cisco unified_contact_center_express 11.0\(1\)su1es02
cisco unified_contact_center_express 11.0\(1\)su1es03
cisco unified_contact_center_express 11.5\(1\)es01
cisco unified_contact_center_express 11.5\(1\)su1
cisco unified_contact_center_express 11.5\(1\)su1es01
cisco unified_contact_center_express 11.5\(1\)su1es02
cisco unified_contact_center_express 11.5\(1\)su1es03
cisco unified_contact_center_express 11.6\(1\)
cisco unified_contact_center_express 11.6\(1\)es01
cisco unified_contact_center_express 11.6\(1\)es02
cisco unified_contact_center_express 11.6\(2\)
cisco unified_contact_center_express 11.6\(2\)es01
cisco unified_contact_center_express 11.6\(2\)es02
cisco unified_contact_center_express 11.6\(2\)es03
cisco unified_contact_center_express 11.6\(2\)es04
cisco unified_contact_center_express 11.6\(2\)es05
cisco unified_contact_center_express 11.6\(2\)es06
cisco unified_contact_center_express 11.6\(2\)es07
cisco unified_contact_center_express 11.6\(2\)es08
cisco unified_contact_center_express 12.0\(1\)
cisco unified_contact_center_express 12.0\(1\)es01
cisco unified_contact_center_express 12.0\(1\)es02
cisco unified_contact_center_express 12.0\(1\)es03
cisco unified_contact_center_express 12.0\(1\)es04
cisco unified_contact_center_express 12.5\(1\)
cisco unified_contact_center_express 12.5\(1\)_su01_es01
cisco unified_contact_center_express 12.5\(1\)_su01_es02
cisco unified_contact_center_express 12.5\(1\)_su01_es03
cisco unified_contact_center_express 12.5\(1\)_su02_es01
cisco unified_contact_center_express 12.5\(1\)_su02_es02
cisco unified_contact_center_express 12.5\(1\)_su02_es03
cisco unified_contact_center_express 12.5\(1\)_su02_es04
cisco unified_contact_center_express 12.5\(1\)_su03_es01
cisco unified_contact_center_express 12.5\(1\)_su03_es02
cisco unified_contact_center_express 12.5\(1\)_su03_es03
cisco unified_contact_center_express 12.5\(1\)_su03_es04
cisco unified_contact_center_express 12.5\(1\)_su03_es05
cisco unified_contact_center_express 12.5\(1\)_su03_es06
cisco unified_contact_center_express 12.5\(1\)es01
cisco unified_contact_center_express 12.5\(1\)es02
cisco unified_contact_center_express 12.5\(1\)es03
cisco unified_contact_center_express 12.5\(1\)su1
cisco unified_contact_center_express 12.5\(1\)su2
cisco unified_contact_center_express 12.5\(1\)su3
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:socialminer:10.5\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3F8BC85C-F3C7-4FE6-97D5-30C2DA4858D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:socialminer:10.6\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8496A6AF-FF0B-4DCD-9524-4C89E74B44C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:socialminer:10.6\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "0D8D8B8B-FD28-4A42-8364-72D896742533",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:socialminer:11.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "152B13F1-4EB5-4DA0-A943-326F8F324432",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:socialminer:11.5\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "9CBA712A-A9FC-4DA9-A06A-9A49A0355F34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:socialminer:11.5\\(1\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D807EB1C-6970-4A6D-B50A-A16DC43C443E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:socialminer:11.6\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1382D72C-1447-4296-A520-BEF4EB48633C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:socialminer:11.6\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "6D53D578-A6D5-4BD0-9CD2-C8E496D136B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:socialminer:12.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "24871067-7ADC-473D-A148-A82BE2C158A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:socialminer:12.0\\(1\\)es02:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC5C6FC1-CD6B-48C0-803C-E77C4B182A1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:socialminer:12.0\\(1\\)es03:*:*:*:*:*:*:*",
              "matchCriteriaId": "9898EB83-A3A1-45A8-9E88-09A5A27D6EC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:socialminer:12.0\\(1\\)es04:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2AB2650-7D2B-4117-888D-CCB5E894E5C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:socialminer:12.5\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D32D6A4A-08E6-470E-B82C-D5E4E4B810FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:socialminer:12.5\\(1\\)es01:*:*:*:*:*:*:*",
              "matchCriteriaId": "15F7499F-5F1E-47BA-8A84-33B55CA4E966",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:socialminer:12.5\\(1\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "33B065FE-3FA0-4109-90F3-57EABB2DB6DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:socialminer:12.5\\(1\\)su2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EA97B42-BE0D-4D64-9791-C74DE3DB3EA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:socialminer:12.5\\(1\\)su3:*:*:*:*:*:*:*",
              "matchCriteriaId": "811913C6-4E1B-449F-9E95-F57D96436A59",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:8.5\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "ED97AAD8-D02D-42AB-863A-7538A1F6D425",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:9.0\\(2\\)su3es04:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1202DE4-CA67-424E-8379-2BC13630F0C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.0\\(1\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "31854EAF-89B5-40BB-98E7-7EBB2E867C96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.0\\(1\\)su1es04:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE1194F1-9CF5-460E-AF26-FB7CDC1EE878",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.5\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1C277058-F33F-4E60-AE89-658CB6558D9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.5\\(1\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E255206-BDDB-4F0F-9ED7-3A3ACA74EF83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.5\\(1\\)su1es10:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE358FF2-CB8A-4E0D-926E-ED151B585E52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D6F83A65-F3AC-4F6B-97A3-9FC582683BCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A766B903-E6DB-4838-90A7-63918C9F8AD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F1F0C70-E644-4DCA-93C2-6BCB331D08E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su2es04:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF54B434-E765-40B1-B12A-21FC7F415ACE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su3:*:*:*:*:*:*:*",
              "matchCriteriaId": "60839544-11E0-4381-A9AA-21D6FB403F88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su3es01:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D8114CF-6689-4C97-BD5D-07CC8EEF35A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su3es02:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D90986B-64ED-44A1-9CF1-7C9FD27555FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su3es03:*:*:*:*:*:*:*",
              "matchCriteriaId": "442E4715-5043-4BF7-8961-C8844A00A7B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.0\\(1\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0242DD9A-A5BB-4DE7-9218-7AE0FE2A65AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.0\\(1\\)su1es02:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5002FAA-FE64-4AA7-B0D7-22084CCE0CE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.0\\(1\\)su1es03:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C17A2AB-33B3-4089-A701-A29A4E55D667",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.5\\(1\\)es01:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC6FFA8B-248F-42C7-8A06-3F7E158386EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.5\\(1\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26A35E9A-FFFB-49AF-BA70-67F3EA54B9ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.5\\(1\\)su1es01:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F529FE5-1DE8-43A5-88EE-0980D3A55BCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.5\\(1\\)su1es02:*:*:*:*:*:*:*",
              "matchCriteriaId": "766350AF-1B2F-4DC0-9DA3-E17B45892163",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.5\\(1\\)su1es03:*:*:*:*:*:*:*",
              "matchCriteriaId": "702E48CC-3858-491C-A328-5D9ADDDC8DC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "20CF8B80-28C0-407B-BA60-1B07694A3DFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(1\\)es01:*:*:*:*:*:*:*",
              "matchCriteriaId": "59A30F7B-9756-40BD-89C1-60E2702CC806",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(1\\)es02:*:*:*:*:*:*:*",
              "matchCriteriaId": "29A15BB5-0725-4159-B387-74CFBF58F349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "82F5416D-0DF3-48BB-8A23-DBC2B0746195",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es01:*:*:*:*:*:*:*",
              "matchCriteriaId": "908E3B03-7248-44B4-B0DE-E3B3F7FA9555",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es02:*:*:*:*:*:*:*",
              "matchCriteriaId": "1705F343-BF9D-4EBC-B833-64F03EDD7C27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es03:*:*:*:*:*:*:*",
              "matchCriteriaId": "686F6450-99FC-4260-B9CE-B7F313464EFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es04:*:*:*:*:*:*:*",
              "matchCriteriaId": "93851C02-3E0A-41F1-82BB-24546A83E272",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es05:*:*:*:*:*:*:*",
              "matchCriteriaId": "10E25C7A-42B4-40CE-A13B-0252C05FCFD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es06:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D0128C7-3FB4-42EE-B4D8-68EAAC4727A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es07:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A92970B-53FD-4ED6-95BC-FDC7BB6780CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es08:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE8E4137-3059-46B0-B241-2AA42A3D959E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "30A8784D-B7A6-4F13-B89D-4ED910CC0576",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.0\\(1\\)es01:*:*:*:*:*:*:*",
              "matchCriteriaId": "B368DEE7-7639-4D46-997B-2F2409712CAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.0\\(1\\)es02:*:*:*:*:*:*:*",
              "matchCriteriaId": "B721320B-C72C-4550-B585-9F43439FAB25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.0\\(1\\)es03:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5F18549-A002-4106-9740-6B641E0ECF8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.0\\(1\\)es04:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFF4AD59-6A04-4473-84E0-D99D24D99BC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A9715BD0-F519-462E-ACF6-859B203638D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su01_es01:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB2C8F59-78F2-4E3A-8261-F4EF214F691A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su01_es02:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3117461-56A5-4957-8BE0-83F44B66AE3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su01_es03:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B279AE4-9CF7-49F1-A4C3-D8A6301EF136",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su02_es01:*:*:*:*:*:*:*",
              "matchCriteriaId": "860ACAB6-5CB9-468C-90C4-B7C8E9559D2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su02_es02:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB2D8357-773D-492F-BC5B-F672C4D736A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su02_es03:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE0B3B5E-2C4C-473C-B7FB-F62AAC19744C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su02_es04:*:*:*:*:*:*:*",
              "matchCriteriaId": "51D7EEFA-D04C-4769-8C62-B8B5902F79ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es01:*:*:*:*:*:*:*",
              "matchCriteriaId": "E31A16D3-3B40-42EA-BAC3-05A13082CED2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es02:*:*:*:*:*:*:*",
              "matchCriteriaId": "21F08B08-23C1-4AD7-AD67-34D196C8470E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es03:*:*:*:*:*:*:*",
              "matchCriteriaId": "05AD3A80-2409-475E-87F5-430E51C53087",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es04:*:*:*:*:*:*:*",
              "matchCriteriaId": "49165652-275C-4AD9-9585-2F130989D404",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es05:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4480EF1-226E-459E-B2F5-3985A219BBD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es06:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A408698-6123-4772-8D11-FE89EBB135D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)es01:*:*:*:*:*:*:*",
              "matchCriteriaId": "81728CDB-DD39-4DD9-BB82-6F2D8E3D1E2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)es02:*:*:*:*:*:*:*",
              "matchCriteriaId": "80F9AF5B-3670-4910-9AD8-C1FB90C7190B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)es03:*:*:*:*:*:*:*",
              "matchCriteriaId": "78DAF852-5CA1-4D2B-948B-F0E9FB9DA973",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "83EDDAAF-0746-4851-B7E5-60E4ED039D02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)su2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FBB3406-4AD0-41B1-AFC3-3FC6E7E01B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)su3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BF183D9-CDF6-44D9-B529-F13666A3EE07",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the web-based chat interface of Cisco Customer Collaboration Platform (CCP), formerly Cisco SocialMiner, could allow an unauthenticated, remote attacker to persuade users to disclose sensitive data.\r\n\r\nThis vulnerability is due to improper sanitization of HTTP requests that are sent to the web-based chat interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to the chat interface of a targeted user on a vulnerable server. A successful exploit could allow the attacker to redirect chat traffic to a server that is under their control, resulting in sensitive information being redirected to the attacker."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la interfaz de chat web de Cisco Customer Collaboration Platform (CCP), anteriormente Cisco SocialMiner, podr\u00eda permitir que un atacante remoto no autenticado persuada a los usuarios para que revelen informaci\u00f3n confidencial. Esta vulnerabilidad se debe a una depuraci\u00f3n inadecuada de las solicitudes HTTP enviadas a la interfaz de chat web. Un atacante podr\u00eda explotar esta vulnerabilidad enviando solicitudes HTTP manipuladas a la interfaz de chat de un usuario objetivo en un servidor vulnerable. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante redirigir el tr\u00e1fico de chat a un servidor bajo su control, lo que resultar\u00eda en la redirecci\u00f3n de informaci\u00f3n confidencial."
    }
  ],
  "id": "CVE-2025-20129",
  "lastModified": "2025-08-01T15:08:03.230",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.5,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2025-06-04T17:15:25.407",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ccp-info-disc-ZyGerQpd"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.