- Description
- A vulnerability in the API of Cisco Unified Intelligence Center could allow an authenticated, remote attacker to perform a horizontal privilege escalation attack on an affected system. This vulnerability is due to insufficient validation of user-supplied parameters in API requests. An attacker could exploit this vulnerability by submitting crafted API requests to an affected system to execute an insecure direct object reference attack. A successful exploit could allow the attacker to access specific data that is associated with different users on the affected system.
- Source
- psirt@cisco.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Primary
- Base score
- 4.3
- Impact score
- 1.4
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
- Severity
- MEDIUM
- psirt@cisco.com
- CWE-639
- Hype score
- Not currently trending
Cisco Unified Intelligence Center Privilege Escalation Vulnerabilities (CVE-2025-20113 & CVE-2025-20114) #Cisco #CiscoUnifiedIntelligenceCenter #CVE202520113 #CVE202520114 #CyberSecurity https://t.co/UY9QTxVo1k https://t.co/Jdv4nMnbOV
@SystemTek_UK
23 May 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-20114 A vulnerability in the API of Cisco Unified Intelligence Center could allow an authenticated, remote attacker to perform a horizontal privilege escalation attack on a… https://t.co/R5ZLCSTm8g
@CVEnew
21 May 2025
204 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes