Show plain JSON{"id": "CVE-2025-20114", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "psirt@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2025-05-21T17:15:55.810", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cuis-priv-esc-3Pk96SU4", "tags": ["Vendor Advisory"], "source": "psirt@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "psirt@cisco.com", "description": [{"lang": "en", "value": "CWE-639"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the API of Cisco Unified Intelligence Center could allow an authenticated, remote attacker to perform a horizontal privilege escalation attack on an affected system.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied parameters in API requests. An attacker could exploit this vulnerability by submitting crafted API requests to an affected system to execute an insecure direct object reference attack. A successful exploit could allow the attacker to access specific data that is associated with different users on the affected system."}, {"lang": "es", "value": "Una vulnerabilidad en la API de Cisco Unified Intelligence Center podr\u00eda permitir que un atacante remoto autenticado realice un ataque de escalada horizontal de privilegios en un sistema afectado. Esta vulnerabilidad se debe a una validaci\u00f3n insuficiente de los par\u00e1metros proporcionados por el usuario en las solicitudes de API. Un atacante podr\u00eda explotar esta vulnerabilidad enviando solicitudes de API manipuladas a un sistema afectado para ejecutar un ataque de referencia directa a objetos inseguro. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante acceder a datos espec\u00edficos asociados a diferentes usuarios del sistema afectado."}], "lastModified": "2025-07-22T14:41:40.413", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:unified_intelligence_center:10.5\\(1\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5601C191-19B9-4CC3-94E0-AB144A6BD02C"}, {"criteria": "cpe:2.3:a:cisco:unified_intelligence_center:11.0\\(1\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D92445EF-1107-456D-8F03-44BA2A385383"}, {"criteria": "cpe:2.3:a:cisco:unified_intelligence_center:11.0\\(2\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F4F7BC5-E393-4C85-93ED-8F8DBD81A383"}, {"criteria": "cpe:2.3:a:cisco:unified_intelligence_center:11.0\\(3\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BD658DE5-84D2-4527-AF25-09F31572C184"}, {"criteria": "cpe:2.3:a:cisco:unified_intelligence_center:11.5\\(1\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "060AFE51-F470-4B14-8D74-8B721129A37E"}, {"criteria": "cpe:2.3:a:cisco:unified_intelligence_center:11.6\\(1\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B59061B-ED98-47C6-A8CF-41CA11500AF2"}, {"criteria": "cpe:2.3:a:cisco:unified_intelligence_center:12.0\\(1\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DF881F48-7268-4A06-A72B-FEE1BD58A193"}, {"criteria": "cpe:2.3:a:cisco:unified_intelligence_center:12.5\\(1\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "84C52246-9E02-434A-8E41-76B21DB3F25C"}, {"criteria": "cpe:2.3:a:cisco:unified_intelligence_center:12.5\\(1\\)su:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "42B2688A-4E07-4EA0-8304-E168FB672202"}, {"criteria": "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(1\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0EAE9043-E488-4FBE-8A60-377F71D5D126"}, {"criteria": "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(1\\)_es05_et:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "45676746-8B75-4095-A4FF-9AC34CF0E72F"}, {"criteria": "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(1\\)_et:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D94589CB-61F9-474F-800A-5387FB4AEF9C"}, {"criteria": "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(2\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A136173-603C-427A-AC03-76CBB6757C92"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:8.5\\(1\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ED97AAD8-D02D-42AB-863A-7538A1F6D425"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:9.0\\(2\\)su3es04:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E1202DE4-CA67-424E-8379-2BC13630F0C7"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.0\\(1\\)su1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "31854EAF-89B5-40BB-98E7-7EBB2E867C96"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.0\\(1\\)su1es04:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE1194F1-9CF5-460E-AF26-FB7CDC1EE878"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.5\\(1\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C277058-F33F-4E60-AE89-658CB6558D9A"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.5\\(1\\)su1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1E255206-BDDB-4F0F-9ED7-3A3ACA74EF83"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.5\\(1\\)su1es10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE358FF2-CB8A-4E0D-926E-ED151B585E52"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D6F83A65-F3AC-4F6B-97A3-9FC582683BCB"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A766B903-E6DB-4838-90A7-63918C9F8AD9"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F1F0C70-E644-4DCA-93C2-6BCB331D08E6"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su2es04:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DF54B434-E765-40B1-B12A-21FC7F415ACE"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "60839544-11E0-4381-A9AA-21D6FB403F88"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su3es01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7D8114CF-6689-4C97-BD5D-07CC8EEF35A2"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su3es02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1D90986B-64ED-44A1-9CF1-7C9FD27555FF"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su3es03:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "442E4715-5043-4BF7-8961-C8844A00A7B5"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.0\\(1\\)su1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0242DD9A-A5BB-4DE7-9218-7AE0FE2A65AD"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.0\\(1\\)su1es02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5002FAA-FE64-4AA7-B0D7-22084CCE0CE4"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.0\\(1\\)su1es03:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C17A2AB-33B3-4089-A701-A29A4E55D667"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.5\\(1\\)es01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC6FFA8B-248F-42C7-8A06-3F7E158386EE"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.5\\(1\\)su1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "26A35E9A-FFFB-49AF-BA70-67F3EA54B9ED"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.5\\(1\\)su1es01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F529FE5-1DE8-43A5-88EE-0980D3A55BCF"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.5\\(1\\)su1es02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "766350AF-1B2F-4DC0-9DA3-E17B45892163"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.5\\(1\\)su1es03:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "702E48CC-3858-491C-A328-5D9ADDDC8DC0"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(1\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20CF8B80-28C0-407B-BA60-1B07694A3DFA"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(1\\)es01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "59A30F7B-9756-40BD-89C1-60E2702CC806"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(1\\)es02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "29A15BB5-0725-4159-B387-74CFBF58F349"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "82F5416D-0DF3-48BB-8A23-DBC2B0746195"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "908E3B03-7248-44B4-B0DE-E3B3F7FA9555"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1705F343-BF9D-4EBC-B833-64F03EDD7C27"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es03:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "686F6450-99FC-4260-B9CE-B7F313464EFB"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es04:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "93851C02-3E0A-41F1-82BB-24546A83E272"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es05:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "10E25C7A-42B4-40CE-A13B-0252C05FCFD5"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es06:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D0128C7-3FB4-42EE-B4D8-68EAAC4727A9"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es07:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2A92970B-53FD-4ED6-95BC-FDC7BB6780CB"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es08:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE8E4137-3059-46B0-B241-2AA42A3D959E"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.0\\(1\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "30A8784D-B7A6-4F13-B89D-4ED910CC0576"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.0\\(1\\)es01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B368DEE7-7639-4D46-997B-2F2409712CAA"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.0\\(1\\)es02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B721320B-C72C-4550-B585-9F43439FAB25"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.0\\(1\\)es03:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5F18549-A002-4106-9740-6B641E0ECF8E"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.0\\(1\\)es04:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CFF4AD59-6A04-4473-84E0-D99D24D99BC4"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A9715BD0-F519-462E-ACF6-859B203638D5"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su01_es01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CB2C8F59-78F2-4E3A-8261-F4EF214F691A"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su01_es02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D3117461-56A5-4957-8BE0-83F44B66AE3E"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su01_es03:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4B279AE4-9CF7-49F1-A4C3-D8A6301EF136"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su02_es01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "860ACAB6-5CB9-468C-90C4-B7C8E9559D2A"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su02_es02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB2D8357-773D-492F-BC5B-F672C4D736A7"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su02_es03:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE0B3B5E-2C4C-473C-B7FB-F62AAC19744C"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su02_es04:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "51D7EEFA-D04C-4769-8C62-B8B5902F79ED"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E31A16D3-3B40-42EA-BAC3-05A13082CED2"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "21F08B08-23C1-4AD7-AD67-34D196C8470E"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es03:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "05AD3A80-2409-475E-87F5-430E51C53087"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es04:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "49165652-275C-4AD9-9585-2F130989D404"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es05:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A4480EF1-226E-459E-B2F5-3985A219BBD5"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es06:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2A408698-6123-4772-8D11-FE89EBB135D0"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)es01:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "81728CDB-DD39-4DD9-BB82-6F2D8E3D1E2D"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)es02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80F9AF5B-3670-4910-9AD8-C1FB90C7190B"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)es03:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "78DAF852-5CA1-4D2B-948B-F0E9FB9DA973"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)su1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83EDDAAF-0746-4851-B7E5-60E4ED039D02"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)su2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0FBB3406-4AD0-41B1-AFC3-3FC6E7E01B10"}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)su3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6BF183D9-CDF6-44D9-B529-F13666A3EE07"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@cisco.com"}