CVE-2025-20114
published 2025-05-21CVE-2025-20114: A vulnerability in the API of Cisco Unified Intelligence Center could allow an authenticated, remote attacker to perform a horizontal privilege escalation…
medium4.3CVSS 3.1
AVNACLPRLUINSUCLINAN
A vulnerability in the API of Cisco Unified Intelligence Center could allow an authenticated, remote attacker to perform a horizontal privilege escalation attack on an affected system.
This vulnerability is due to insufficient validation of user-supplied parameters in API requests. An attacker could exploit this vulnerability by submitting crafted API requests to an affected system to execute an insecure direct object reference attack. A successful exploit could allow the attacker to access specific data that is associated with different users on the affected system.
Affected
156 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | cisco_unified_contact_center_express | — | — |
| cisco | cisco_unified_contact_center_express | — | — |
| cisco | cisco_unified_contact_center_express | — | — |
| cisco | cisco_unified_contact_center_express | — | — |
| cisco | cisco_unified_contact_center_express | — | — |
| cisco | cisco_unified_contact_center_express | — | — |
| cisco | cisco_unified_contact_center_express | — | — |
| cisco | cisco_unified_contact_center_express | — | — |
| cisco | cisco_unified_contact_center_express | — | — |
| cisco | cisco_unified_contact_center_express | — | — |
| cisco | cisco_unified_contact_center_express | — | — |
| cisco | cisco_unified_contact_center_express | — | — |
| cisco | cisco_unified_contact_center_express | — | — |
| cisco | cisco_unified_contact_center_express | — | — |
| cisco | cisco_unified_contact_center_express | — | — |
| cisco | cisco_unified_contact_center_express | — | — |
| cisco | cisco_unified_contact_center_express | — | — |
| cisco | cisco_unified_contact_center_express | — | — |
| cisco | cisco_unified_contact_center_express | — | — |
| cisco | cisco_unified_contact_center_express | — | — |
| cisco | cisco_unified_contact_center_express | — | — |
| cisco | cisco_unified_contact_center_express | — | — |
| cisco | cisco_unified_contact_center_express | — | — |
| cisco | cisco_unified_contact_center_express | — | — |
| cisco | cisco_unified_contact_center_express | — | — |