- Description
- A vulnerability in Cisco Unified Intelligence Center could allow an authenticated, remote attacker to elevate privileges to Administrator for a limited set of functions on an affected system. This vulnerability is due to insufficient server-side validation of user-supplied parameters in API or HTTP requests. An attacker could exploit this vulnerability by submitting a crafted API or HTTP request to an affected system. A successful exploit could allow the attacker to access, modify, or delete data beyond the sphere of their intended access level, including obtaining potentially sensitive information stored in the system.
- Source
- psirt@cisco.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Primary
- Base score
- 7.1
- Impact score
- 4.2
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
- Severity
- HIGH
- psirt@cisco.com
- CWE-602
- Hype score
- Not currently trending
Cisco、ISEおよび統合管理製品に深刻な脆弱性を修正(CVE-2025-20152,CVE-2025-20113) #セキュリティ対策Lab #セキュリティ #Security https://t.co/02TIXQZees
@securityLab_jp
27 May 2025
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Cisco Unified Intelligence Center Privilege Escalation Vulnerabilities (CVE-2025-20113 & CVE-2025-20114) #Cisco #CiscoUnifiedIntelligenceCenter #CVE202520113 #CVE202520114 #CyberSecurity https://t.co/UY9QTxVo1k https://t.co/Jdv4nMnbOV
@SystemTek_UK
23 May 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️Vulnerabilidades corregidas en productos de Cisco ❗CVE-2025-20152 ❗CVE-2025-20113 ➡️Más info: https://t.co/fPuCM36TC7 https://t.co/2sJaRANYn2
@CERTpy
22 May 2025
125 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes