CVE-2025-20288

Published Jul 16, 2025
Last updated 8 months ago
CVSS medium 5.8
Overview

Description: A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a server-side request forgery (SSRF) attack through an affected device. This vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to send arbitrary network requests that are sourced from the affected device.
Source: psirt@cisco.com
NVD status: Analyzed
Products: unified_intelligence_center, unified_contact_center_express
Risk scores

CVSS 3.1

Type: Primary
Base score: 5.3
Impact score: 1.4
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Severity: MEDIUM
Weaknesses

psirt@cisco.com: CWE-918
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:unified_intelligence_center:10.5\\(1\\):*:*:*:*:*:*:*",
            "matchCriteriaId": "5601C191-19B9-4CC3-94E0-AB144A6BD02C",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_intelligence_center:11.0\\(1\\):*:*:*:*:*:*:*",
            "matchCriteriaId": "D92445EF-1107-456D-8F03-44BA2A385383",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_intelligence_center:11.0\\(2\\):*:*:*:*:*:*:*",
            "matchCriteriaId": "2F4F7BC5-E393-4C85-93ED-8F8DBD81A383",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_intelligence_center:11.0\\(3\\):*:*:*:*:*:*:*",
            "matchCriteriaId": "BD658DE5-84D2-4527-AF25-09F31572C184",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_intelligence_center:11.5\\(1\\):*:*:*:*:*:*:*",
            "matchCriteriaId": "060AFE51-F470-4B14-8D74-8B721129A37E",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_intelligence_center:11.6\\(1\\):*:*:*:*:*:*:*",
            "matchCriteriaId": "7B59061B-ED98-47C6-A8CF-41CA11500AF2",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_intelligence_center:12.0\\(1\\):*:*:*:*:*:*:*",
            "matchCriteriaId": "DF881F48-7268-4A06-A72B-FEE1BD58A193",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_intelligence_center:12.5\\(1\\):*:*:*:*:*:*:*",
            "matchCriteriaId": "84C52246-9E02-434A-8E41-76B21DB3F25C",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_intelligence_center:12.5\\(1\\)su:*:*:*:*:*:*:*",
            "matchCriteriaId": "42B2688A-4E07-4EA0-8304-E168FB672202",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(1\\):*:*:*:*:*:*:*",
            "matchCriteriaId": "0EAE9043-E488-4FBE-8A60-377F71D5D126",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(1\\)_es05_et:*:*:*:*:*:*:*",
            "matchCriteriaId": "45676746-8B75-4095-A4FF-9AC34CF0E72F",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(1\\)_et:*:*:*:*:*:*:*",
            "matchCriteriaId": "D94589CB-61F9-474F-800A-5387FB4AEF9C",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(2\\):*:*:*:*:*:*:*",
            "matchCriteriaId": "0A136173-603C-427A-AC03-76CBB6757C92",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.5\\(1\\):*:*:*:*:*:*:*",
            "matchCriteriaId": "1C277058-F33F-4E60-AE89-658CB6558D9A",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.5\\(1\\)su1:*:*:*:*:*:*:*",
            "matchCriteriaId": "1E255206-BDDB-4F0F-9ED7-3A3ACA74EF83",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.5\\(1\\)su1es10:*:*:*:*:*:*:*",
            "matchCriteriaId": "CE358FF2-CB8A-4E0D-926E-ED151B585E52",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\):*:*:*:*:*:*:*",
            "matchCriteriaId": "D6F83A65-F3AC-4F6B-97A3-9FC582683BCB",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su1:*:*:*:*:*:*:*",
            "matchCriteriaId": "A766B903-E6DB-4838-90A7-63918C9F8AD9",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su2:*:*:*:*:*:*:*",
            "matchCriteriaId": "2F1F0C70-E644-4DCA-93C2-6BCB331D08E6",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su2es04:*:*:*:*:*:*:*",
            "matchCriteriaId": "DF54B434-E765-40B1-B12A-21FC7F415ACE",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su3:*:*:*:*:*:*:*",
            "matchCriteriaId": "60839544-11E0-4381-A9AA-21D6FB403F88",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su3es01:*:*:*:*:*:*:*",
            "matchCriteriaId": "7D8114CF-6689-4C97-BD5D-07CC8EEF35A2",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su3es02:*:*:*:*:*:*:*",
            "matchCriteriaId": "1D90986B-64ED-44A1-9CF1-7C9FD27555FF",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su3es03:*:*:*:*:*:*:*",
            "matchCriteriaId": "442E4715-5043-4BF7-8961-C8844A00A7B5",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.0\\(1\\)su1:*:*:*:*:*:*:*",
            "matchCriteriaId": "0242DD9A-A5BB-4DE7-9218-7AE0FE2A65AD",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.0\\(1\\)su1es02:*:*:*:*:*:*:*",
            "matchCriteriaId": "A5002FAA-FE64-4AA7-B0D7-22084CCE0CE4",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.0\\(1\\)su1es03:*:*:*:*:*:*:*",
            "matchCriteriaId": "6C17A2AB-33B3-4089-A701-A29A4E55D667",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.5\\(1\\)es01:*:*:*:*:*:*:*",
            "matchCriteriaId": "DC6FFA8B-248F-42C7-8A06-3F7E158386EE",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.5\\(1\\)su1:*:*:*:*:*:*:*",
            "matchCriteriaId": "26A35E9A-FFFB-49AF-BA70-67F3EA54B9ED",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.5\\(1\\)su1es01:*:*:*:*:*:*:*",
            "matchCriteriaId": "3F529FE5-1DE8-43A5-88EE-0980D3A55BCF",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.5\\(1\\)su1es02:*:*:*:*:*:*:*",
            "matchCriteriaId": "766350AF-1B2F-4DC0-9DA3-E17B45892163",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.5\\(1\\)su1es03:*:*:*:*:*:*:*",
            "matchCriteriaId": "702E48CC-3858-491C-A328-5D9ADDDC8DC0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(1\\):*:*:*:*:*:*:*",
            "matchCriteriaId": "20CF8B80-28C0-407B-BA60-1B07694A3DFA",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(1\\)es01:*:*:*:*:*:*:*",
            "matchCriteriaId": "59A30F7B-9756-40BD-89C1-60E2702CC806",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(1\\)es02:*:*:*:*:*:*:*",
            "matchCriteriaId": "29A15BB5-0725-4159-B387-74CFBF58F349",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\):*:*:*:*:*:*:*",
            "matchCriteriaId": "82F5416D-0DF3-48BB-8A23-DBC2B0746195",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es01:*:*:*:*:*:*:*",
            "matchCriteriaId": "908E3B03-7248-44B4-B0DE-E3B3F7FA9555",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es02:*:*:*:*:*:*:*",
            "matchCriteriaId": "1705F343-BF9D-4EBC-B833-64F03EDD7C27",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es03:*:*:*:*:*:*:*",
            "matchCriteriaId": "686F6450-99FC-4260-B9CE-B7F313464EFB",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es04:*:*:*:*:*:*:*",
            "matchCriteriaId": "93851C02-3E0A-41F1-82BB-24546A83E272",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es05:*:*:*:*:*:*:*",
            "matchCriteriaId": "10E25C7A-42B4-40CE-A13B-0252C05FCFD5",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es06:*:*:*:*:*:*:*",
            "matchCriteriaId": "4D0128C7-3FB4-42EE-B4D8-68EAAC4727A9",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es07:*:*:*:*:*:*:*",
            "matchCriteriaId": "2A92970B-53FD-4ED6-95BC-FDC7BB6780CB",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es08:*:*:*:*:*:*:*",
            "matchCriteriaId": "FE8E4137-3059-46B0-B241-2AA42A3D959E",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.0\\(1\\):*:*:*:*:*:*:*",
            "matchCriteriaId": "30A8784D-B7A6-4F13-B89D-4ED910CC0576",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.0\\(1\\)es01:*:*:*:*:*:*:*",
            "matchCriteriaId": "B368DEE7-7639-4D46-997B-2F2409712CAA",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.0\\(1\\)es02:*:*:*:*:*:*:*",
            "matchCriteriaId": "B721320B-C72C-4550-B585-9F43439FAB25",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.0\\(1\\)es03:*:*:*:*:*:*:*",
            "matchCriteriaId": "A5F18549-A002-4106-9740-6B641E0ECF8E",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.0\\(1\\)es04:*:*:*:*:*:*:*",
            "matchCriteriaId": "CFF4AD59-6A04-4473-84E0-D99D24D99BC4",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\):*:*:*:*:*:*:*",
            "matchCriteriaId": "A9715BD0-F519-462E-ACF6-859B203638D5",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su01_es01:*:*:*:*:*:*:*",
            "matchCriteriaId": "CB2C8F59-78F2-4E3A-8261-F4EF214F691A",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su01_es02:*:*:*:*:*:*:*",
            "matchCriteriaId": "D3117461-56A5-4957-8BE0-83F44B66AE3E",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su01_es03:*:*:*:*:*:*:*",
            "matchCriteriaId": "4B279AE4-9CF7-49F1-A4C3-D8A6301EF136",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su02_es01:*:*:*:*:*:*:*",
            "matchCriteriaId": "860ACAB6-5CB9-468C-90C4-B7C8E9559D2A",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su02_es02:*:*:*:*:*:*:*",
            "matchCriteriaId": "FB2D8357-773D-492F-BC5B-F672C4D736A7",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su02_es03:*:*:*:*:*:*:*",
            "matchCriteriaId": "EE0B3B5E-2C4C-473C-B7FB-F62AAC19744C",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su02_es04:*:*:*:*:*:*:*",
            "matchCriteriaId": "51D7EEFA-D04C-4769-8C62-B8B5902F79ED",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es01:*:*:*:*:*:*:*",
            "matchCriteriaId": "E31A16D3-3B40-42EA-BAC3-05A13082CED2",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es02:*:*:*:*:*:*:*",
            "matchCriteriaId": "21F08B08-23C1-4AD7-AD67-34D196C8470E",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es03:*:*:*:*:*:*:*",
            "matchCriteriaId": "05AD3A80-2409-475E-87F5-430E51C53087",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es04:*:*:*:*:*:*:*",
            "matchCriteriaId": "49165652-275C-4AD9-9585-2F130989D404",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es05:*:*:*:*:*:*:*",
            "matchCriteriaId": "A4480EF1-226E-459E-B2F5-3985A219BBD5",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es06:*:*:*:*:*:*:*",
            "matchCriteriaId": "2A408698-6123-4772-8D11-FE89EBB135D0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)es01:*:*:*:*:*:*:*",
            "matchCriteriaId": "81728CDB-DD39-4DD9-BB82-6F2D8E3D1E2D",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)es02:*:*:*:*:*:*:*",
            "matchCriteriaId": "80F9AF5B-3670-4910-9AD8-C1FB90C7190B",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)es03:*:*:*:*:*:*:*",
            "matchCriteriaId": "78DAF852-5CA1-4D2B-948B-F0E9FB9DA973",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)su1:*:*:*:*:*:*:*",
            "matchCriteriaId": "83EDDAAF-0746-4851-B7E5-60E4ED039D02",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)su2:*:*:*:*:*:*:*",
            "matchCriteriaId": "0FBB3406-4AD0-41B1-AFC3-3FC6E7E01B10",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)su3:*:*:*:*:*:*:*",
            "matchCriteriaId": "6BF183D9-CDF6-44D9-B529-F13666A3EE07",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]
References

Sources include official advisories and independent security research.
Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

Related CVEs

References
