CVE-2025-20113

21.05.2025, 17:15

A vulnerability in Cisco Unified Intelligence Center could allow an authenticated, remote attacker to elevate privileges to Administrator for a limited set of functions on an affected system.

This vulnerability is due to insufficient server-side validation of user-supplied parameters in API or HTTP requests. An attacker could exploit this vulnerability by submitting a crafted API or HTTP request to an affected system. A successful exploit could allow the attacker to access, modify, or delete data beyond the sphere of their intended access level, including obtaining potentially sensitive information stored in the system.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.1 HIGH	NETWORK	LOW	LOW	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
cisco	CNA	7.1 HIGH	NETWORK	LOW	LOW	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 24%

Vendor	Product	Version
cisco	unified_intelligence_center	10.5\(1\)
cisco	unified_intelligence_center	11.0\(1\)
cisco	unified_intelligence_center	11.0\(2\)
cisco	unified_intelligence_center	11.0\(3\)
cisco	unified_intelligence_center	11.5\(1\)
cisco	unified_intelligence_center	11.6\(1\)
cisco	unified_intelligence_center	12.0\(1\)
cisco	unified_intelligence_center	12.5\(1\)
cisco	unified_intelligence_center	12.5\(1\)su
cisco	unified_intelligence_center	12.6\(1\)
cisco	unified_intelligence_center	12.6\(1\)_es05_et
cisco	unified_intelligence_center	12.6\(1\)_et
cisco	unified_intelligence_center	12.6\(2\)
cisco	unified_contact_center_express	8.5\(1\)
cisco	unified_contact_center_express	9.0\(2\)su3es04
cisco	unified_contact_center_express	10.0\(1\)su1
cisco	unified_contact_center_express	10.0\(1\)su1es04
cisco	unified_contact_center_express	10.5\(1\)
cisco	unified_contact_center_express	10.5\(1\)su1
cisco	unified_contact_center_express	10.5\(1\)su1es10
cisco	unified_contact_center_express	10.6\(1\)
cisco	unified_contact_center_express	10.6\(1\)su1
cisco	unified_contact_center_express	10.6\(1\)su2
cisco	unified_contact_center_express	10.6\(1\)su2es04
cisco	unified_contact_center_express	10.6\(1\)su3
cisco	unified_contact_center_express	10.6\(1\)su3es01
cisco	unified_contact_center_express	10.6\(1\)su3es02
cisco	unified_contact_center_express	10.6\(1\)su3es03
cisco	unified_contact_center_express	11.0\(1\)su1
cisco	unified_contact_center_express	11.0\(1\)su1es02
cisco	unified_contact_center_express	11.0\(1\)su1es03
cisco	unified_contact_center_express	11.5\(1\)es01
cisco	unified_contact_center_express	11.5\(1\)su1
cisco	unified_contact_center_express	11.5\(1\)su1es01
cisco	unified_contact_center_express	11.5\(1\)su1es02
cisco	unified_contact_center_express	11.5\(1\)su1es03
cisco	unified_contact_center_express	11.6\(1\)
cisco	unified_contact_center_express	11.6\(1\)es01
cisco	unified_contact_center_express	11.6\(1\)es02
cisco	unified_contact_center_express	11.6\(2\)
cisco	unified_contact_center_express	11.6\(2\)es01
cisco	unified_contact_center_express	11.6\(2\)es02
cisco	unified_contact_center_express	11.6\(2\)es03
cisco	unified_contact_center_express	11.6\(2\)es04
cisco	unified_contact_center_express	11.6\(2\)es05
cisco	unified_contact_center_express	11.6\(2\)es06
cisco	unified_contact_center_express	11.6\(2\)es07
cisco	unified_contact_center_express	11.6\(2\)es08
cisco	unified_contact_center_express	12.0\(1\)
cisco	unified_contact_center_express	12.0\(1\)es01
cisco	unified_contact_center_express	12.0\(1\)es02
cisco	unified_contact_center_express	12.0\(1\)es03
cisco	unified_contact_center_express	12.0\(1\)es04
cisco	unified_contact_center_express	12.5\(1\)
cisco	unified_contact_center_express	12.5\(1\)_su01_es01
cisco	unified_contact_center_express	12.5\(1\)_su01_es02
cisco	unified_contact_center_express	12.5\(1\)_su01_es03
cisco	unified_contact_center_express	12.5\(1\)_su02_es01
cisco	unified_contact_center_express	12.5\(1\)_su02_es02
cisco	unified_contact_center_express	12.5\(1\)_su02_es03
cisco	unified_contact_center_express	12.5\(1\)_su02_es04
cisco	unified_contact_center_express	12.5\(1\)_su03_es01
cisco	unified_contact_center_express	12.5\(1\)_su03_es02
cisco	unified_contact_center_express	12.5\(1\)_su03_es03
cisco	unified_contact_center_express	12.5\(1\)_su03_es04
cisco	unified_contact_center_express	12.5\(1\)_su03_es05
cisco	unified_contact_center_express	12.5\(1\)_su03_es06
cisco	unified_contact_center_express	12.5\(1\)es01
cisco	unified_contact_center_express	12.5\(1\)es02
cisco	unified_contact_center_express	12.5\(1\)es03
cisco	unified_contact_center_express	12.5\(1\)su1
cisco	unified_contact_center_express	12.5\(1\)su2
cisco	unified_contact_center_express	12.5\(1\)su3

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-602 - Client-Side Enforcement of Server-Side Security
The product is composed of a server that relies on the client to implement a mechanism that is intended to protect the server.

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cuis-priv-esc-3Pk96SU4