Search

Find a vulnerability

Search criteria

    16 vulnerabilities found for Cisco Finesse by Cisco

    CVE-2026-20175 (GCVE-0-2026-20175)

    Vulnerability from nvd – Published: 2026-06-03 16:06 – Updated: 2026-06-03 17:46
    VLAI
    Title
    Cisco Finesse File Inclusion Vulnerability
    Summary
    A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to load arbitrary files from remote locations into an active user session on an affected device, possibly leading to browser-based attacks. This vulnerability is due to insufficient validation of user-supplied input for HTTP requests that are sent to an affected device. An attacker who has knowledge of the address of the affected device could exploit this vulnerability by persuading a user to click a crafted link that contains the affected device address. A successful exploit could allow the attacker to conduct browser-based attacks and execute arbitrary script code in the context of the affected interface or access sensitive information on the affected device.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-73 - External Control of File Name or Path
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Finesse Affected: 11.0(1)ES_Rollback
    Affected: 10.5(1)ES4
    Affected: 11.6(1)ES3
    Affected: 11.0(1)ES2
    Affected: 12.0(1)ES2
    Affected: 10.5(1)ES3
    Affected: 11.0(1)
    Affected: 11.6(1)FIPS
    Affected: 11.6(1)ES4
    Affected: 11.0(1)ES3
    Affected: 10.5(1)ES6
    Affected: 11.0(1)ES7
    Affected: 11.5(1)ES4
    Affected: 10.5(1)ES8
    Affected: 11.5(1)
    Affected: 11.6(1)
    Affected: 10.5(1)ES10
    Affected: 11.6(1)ES2
    Affected: 11.6(1)ES
    Affected: 11.0(1)ES6
    Affected: 11.0(1)ES4
    Affected: 12.0(1)
    Affected: 11.6(1)ES7
    Affected: 10.5(1)ES7
    Affected: 11.6(1)ES8
    Affected: 11.5(1)ES1
    Affected: 11.6(1)ES1
    Affected: 11.5(1)ES5
    Affected: 11.0(1)ES1
    Affected: 10.5(1)
    Affected: 11.6(1)ES6
    Affected: 10.5(1)ES2
    Affected: 12.0(1)ES1
    Affected: 11.0(1)ES5
    Affected: 10.5(1)ES5
    Affected: 11.5(1)ES3
    Affected: 11.5(1)ES2
    Affected: 10.5(1)ES9
    Affected: 11.6(1)ES5
    Affected: 11.6(1)ES9
    Affected: 11.5(1)ES6
    Affected: 10.5(1)ES1
    Affected: 12.5(1)
    Affected: 12.0(1)ES3
    Affected: 11.6(1)ES10
    Affected: 12.5(1)ES1
    Affected: 12.5(1)ES2
    Affected: 12.0(1)ES4
    Affected: 12.5(1)ES3
    Affected: 12.0(1)ES5
    Affected: 12.5(1)ES4
    Affected: 12.0(1)ES6
    Affected: 12.5(1)ES5
    Affected: 12.5(1)ES6
    Affected: 12.0(1)ES7
    Affected: 12.6(1)
    Affected: 12.5(1)ES7
    Affected: 11.6(1)ES11
    Affected: 12.6(1)ES1
    Affected: 12.0(1)ES8
    Affected: 12.5(1)ES8
    Affected: 12.6(1)ES2
    Affected: 12.6(1)ES3
    Affected: 12.6(1)ES4
    Affected: 12.6(1)ES5
    Affected: 12.5(2)
    Affected: 12.5(1)_SU
    Affected: 12.5(1)SU
    Affected: 12.6(1)ES6
    Affected: 12.5(1)SU ES1
    Affected: 12.6(1)ES7
    Affected: 12.6(1)ES7_ET
    Affected: 12.6(2)
    Affected: 12.6(1)ES8
    Affected: 12.6(1)ES9
    Affected: 12.6(2)ES1
    Affected: 12.6(1)ES10
    Affected: 12.5(1)SU ES2
    Affected: 12.6(1)ES11
    Affected: 12.6(2)ES2
    Affected: 12.6(2)ES3
    Affected: 12.5(1)SU ES3
    Affected: 12.6(2)ES4
    Affected: 12.6(2)ES5
    Affected: 15.0(1)
    Affected: 12.6(2)ES6
    Affected: 15.0(1)ES202508
    Affected: 15.0(1)ES202511
    Affected: 15.0(1)ES202602
    Affected: 15.0(1)SU1
    Affected: 12.6(2)ES7
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-20175",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-03T17:45:48.882718Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-03T17:46:00.557Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Finesse",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0(1)ES_Rollback"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)FIPS"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES7"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES8"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES10"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES7"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES7"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES8"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES9"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES9"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES10"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES7"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES7"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES11"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES8"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES8"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "12.5(2)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU ES1"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES7"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES7_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES8"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES9"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES1"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES10"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU ES2"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES11"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES2"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU ES3"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES4"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES5"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES6"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)ES202508"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)ES202511"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)ES202602"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES7"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to load arbitrary files from remote locations into an active user session on an affected device, possibly leading to browser-based attacks.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input for HTTP requests that are sent to an affected device. An attacker who has knowledge of the address of the affected device could exploit this vulnerability by persuading a user to click a crafted link that contains the affected device address. A successful exploit could allow the attacker to conduct browser-based attacks and execute arbitrary script code in the context of the affected interface or access sensitive information on the affected device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-73",
                  "description": "External Control of File Name or Path",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-03T16:06:15.233Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-finesse-rfi-gwpkdc89",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-finesse-rfi-gwpkdc89"
            }
          ],
          "source": {
            "advisory": "cisco-sa-finesse-rfi-gwpkdc89",
            "defects": [
              "CSCws76655"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Finesse File Inclusion Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2026-20175",
        "datePublished": "2026-06-03T16:06:15.233Z",
        "dateReserved": "2025-10-08T11:59:15.392Z",
        "dateUpdated": "2026-06-03T17:46:00.557Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-20278 (GCVE-0-2025-20278)

    Vulnerability from nvd – Published: 2025-06-04 16:18 – Updated: 2026-02-26 17:51
    VLAI
    Title
    Cisco Unified Communications Products Command Injection Vulnerability
    Summary
    A vulnerability in the CLI of multiple Cisco Unified Communications products could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user. This vulnerability is due to improper validation of user-supplied command arguments. An attacker could exploit this vulnerability by executing crafted commands on the CLI of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user. To exploit this vulnerability, the attacker must have valid administrative credentials.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Finesse Affected: 11.0(1)ES_Rollback
    Affected: 10.5(1)ES4
    Affected: 11.6(1)ES3
    Affected: 11.0(1)ES2
    Affected: 12.0(1)ES2
    Affected: 10.5(1)ES3
    Affected: 11.0(1)
    Affected: 11.6(1)FIPS
    Affected: 11.6(1)ES4
    Affected: 11.0(1)ES3
    Affected: 10.5(1)ES6
    Affected: 11.0(1)ES7
    Affected: 11.5(1)ES4
    Affected: 10.5(1)ES8
    Affected: 11.5(1)
    Affected: 11.6(1)
    Affected: 10.5(1)ES10
    Affected: 11.6(1)ES2
    Affected: 11.6(1)ES
    Affected: 11.0(1)ES6
    Affected: 11.0(1)ES4
    Affected: 12.0(1)
    Affected: 11.6(1)ES7
    Affected: 10.5(1)ES7
    Affected: 11.6(1)ES8
    Affected: 11.5(1)ES1
    Affected: 11.6(1)ES1
    Affected: 11.5(1)ES5
    Affected: 11.0(1)ES1
    Affected: 10.5(1)
    Affected: 11.6(1)ES6
    Affected: 10.5(1)ES2
    Affected: 12.0(1)ES1
    Affected: 11.0(1)ES5
    Affected: 10.5(1)ES5
    Affected: 11.5(1)ES3
    Affected: 11.5(1)ES2
    Affected: 10.5(1)ES9
    Affected: 11.6(1)ES5
    Affected: 11.6(1)ES9
    Affected: 11.5(1)ES6
    Affected: 10.5(1)ES1
    Affected: 12.5(1)
    Affected: 12.0(1)ES3
    Affected: 11.6(1)ES10
    Affected: 12.5(1)ES1
    Affected: 12.5(1)ES2
    Affected: 12.0(1)ES4
    Affected: 12.5(1)ES3
    Affected: 12.0(1)ES5
    Affected: 12.5(1)ES4
    Affected: 12.0(1)ES6
    Affected: 12.5(1)ES5
    Affected: 12.5(1)ES6
    Affected: 12.0(1)ES7
    Affected: 12.6(1)
    Affected: 12.5(1)ES7
    Affected: 11.6(1)ES11
    Affected: 12.6(1)ES1
    Affected: 12.0(1)ES8
    Affected: 12.5(1)ES8
    Affected: 12.6(1)ES2
    Affected: 12.6(1)ES3
    Affected: 12.6(1)ES4
    Affected: 12.6(1)ES5
    Affected: 12.5(2)
    Affected: 12.5(1)_SU
    Affected: 12.5(1)SU
    Affected: 12.6(1)ES6
    Affected: 12.5(1)SU ES1
    Affected: 12.6(1)ES7
    Affected: 12.6(1)ES7_ET
    Affected: 12.6(2)
    Affected: 12.6(1)ES8
    Affected: 12.6(1)ES9
    Affected: 12.6(2)ES1
    Affected: 12.6(1)ES10
    Affected: 12.5(1)SU ES2
    Affected: 12.6(1)ES11
    Affected: 12.6(2)ES2
    Affected: 12.6(2)ES3
    Affected: 12.5(1)SU ES3
    Affected: 12.6(2)ES4
    Affected: 12.6(2)ES5
    Create a notification for this product.
    Cisco Cisco SocialMiner Affected: 12.5(1)ES01
    Affected: 10.5(1)
    Affected: 11.6(1)
    Affected: 10.6(1)
    Affected: 12.0(1)ES04
    Affected: 10.6(2)
    Affected: 12.5(1)
    Affected: 11.6(2)
    Affected: 12.0(1)
    Affected: 12.0(1)ES02
    Affected: 11.0(1)
    Affected: 11.5(1)
    Affected: 11.5(1)SU1
    Affected: 12.0(1)ES03
    Affected: 12.5(1)SU3
    Affected: 12.5(1)SU1
    Affected: 12.5(1)SU2
    Create a notification for this product.
    Cisco Cisco Unified Communications Manager Affected: 12.5(1)SU2
    Affected: 12.5(1)SU1
    Affected: 12.5(1)
    Affected: 12.5(1)SU3
    Affected: 12.5(1)SU4
    Affected: 14
    Affected: 12.5(1)SU5
    Affected: 14SU1
    Affected: 12.5(1)SU6
    Affected: 14SU2
    Affected: 12.5(1)SU7
    Affected: 12.5(1)SU7a
    Affected: 14SU3
    Affected: 12.5(1)SU8
    Affected: 12.5(1)SU8a
    Affected: 15
    Affected: 15SU1
    Affected: 14SU4
    Affected: 14SU4a
    Affected: 15SU1a
    Affected: 12.5(1)SU9
    Create a notification for this product.
    Cisco Cisco Unified Communications Manager IM and Presence Service Affected: 12.5(1)
    Affected: 12.5(1)SU1
    Affected: 12.5(1)SU2
    Affected: 12.5(1)SU3
    Affected: 12.5(1)SU4
    Affected: 14
    Affected: 12.5(1)SU5
    Affected: 14SU1
    Affected: 12.5(1)SU6
    Affected: 14SU2
    Affected: 14SU2a
    Affected: 12.5(1)SU7
    Affected: 14SU3
    Affected: 12.5(1)SU8
    Affected: 15
    Affected: Recovery ISO
    Affected: 15SU1
    Affected: 14SU4
    Affected: 12.5(1)SU9
    Create a notification for this product.
    Cisco Cisco Unified Contact Center Express Affected: 10.6(1)
    Affected: 10.5(1)SU1
    Affected: 10.6(1)SU3
    Affected: 12.0(1)
    Affected: 10.0(1)SU1
    Affected: 10.6(1)SU1
    Affected: 11.0(1)SU1
    Affected: 11.5(1)SU1
    Affected: 10.5(1)
    Affected: 11.6(1)
    Affected: 11.6(2)
    Affected: 12.5(1)
    Affected: 12.5(1)SU1
    Affected: 12.5(1)SU2
    Affected: 12.5(1)SU3
    Affected: 12.5(1)_SU03_ES01
    Affected: 12.5(1)_SU03_ES02
    Affected: 12.5(1)_SU02_ES03
    Affected: 12.5(1)_SU02_ES04
    Affected: 12.5(1)_SU02_ES02
    Affected: 12.5(1)_SU01_ES02
    Affected: 12.5(1)_SU01_ES03
    Affected: 12.5(1)_SU02_ES01
    Affected: 11.6(2)ES07
    Affected: 11.6(2)ES08
    Affected: 12.5(1)_SU01_ES01
    Affected: 12.0(1)ES04
    Affected: 12.5(1)ES02
    Affected: 12.5(1)ES03
    Affected: 11.6(2)ES06
    Affected: 12.5(1)ES01
    Affected: 12.0(1)ES03
    Affected: 12.0(1)ES01
    Affected: 11.6(2)ES05
    Affected: 12.0(1)ES02
    Affected: 11.6(2)ES04
    Affected: 11.6(2)ES03
    Affected: 11.6(2)ES02
    Affected: 11.6(2)ES01
    Affected: 10.6(1)SU3ES03
    Affected: 11.0(1)SU1ES03
    Affected: 10.6(1)SU3ES01
    Affected: 10.5(1)SU1ES10
    Affected: 10.0(1)SU1ES04
    Affected: 11.5(1)SU1ES03
    Affected: 11.6(1)ES02
    Affected: 11.5(1)ES01
    Affected: 9.0(2)SU3ES04
    Affected: 10.6(1)SU2
    Affected: 10.6(1)SU2ES04
    Affected: 11.6(1)ES01
    Affected: 10.6(1)SU3ES02
    Affected: 11.5(1)SU1ES02
    Affected: 11.5(1)SU1ES01
    Affected: 8.5(1)
    Affected: 11.0(1)SU1ES02
    Affected: 12.5(1)_SU03_ES03
    Affected: 12.5(1)_SU03_ES04
    Affected: 12.5(1)_SU03_ES05
    Affected: 12.5(1)_SU03_ES06
    Create a notification for this product.
    Cisco Cisco Unified Intelligence Center Affected: 11.6(1)
    Affected: 10.5(1)
    Affected: 11.0(1)
    Affected: 11.5(1)
    Affected: 12.0(1)
    Affected: 12.5(1)
    Affected: 11.0(2)
    Affected: 12.6(1)
    Affected: 12.5(1)SU
    Affected: 12.6(1)_ET
    Affected: 12.6(1)_ES05_ET
    Affected: 11.0(3)
    Affected: 12.6(2)
    Affected: 12.6(2)_504_Issue_ET
    Affected: 12.6.1_ExcelIssue_ET
    Affected: 12.6(2)_Permalink_ET
    Affected: 12.6.2_CSCwk19536_ET
    Affected: 12.6.2_CSCwm96922_ET
    Affected: 12.6.2_Amq_OOS_ET
    Affected: 12.5(2)ET_CSCwi79933
    Affected: 12.6(2)_ET
    Affected: 12.6.2_CSCwn48501_ET
    Create a notification for this product.
    Cisco Cisco Unity Connection Affected: 12.5(1)
    Affected: 12.5(1)SU1
    Affected: 12.5(1)SU2
    Affected: 12.5(1)SU3
    Affected: 12.5(1)SU4
    Affected: 14
    Affected: 12.5(1)SU5
    Affected: 14SU1
    Affected: 12.5(1)SU6
    Affected: 14SU2
    Affected: 12.5(1)SU7
    Affected: 14SU3
    Affected: 12.5(1)SU8
    Affected: 14SU3a
    Affected: 12.5(1)SU8a
    Affected: 15
    Affected: 15SU1
    Affected: 14SU4
    Affected: 12.5(1)SU9
    Create a notification for this product.
    Cisco Cisco Virtualized Voice Browser Affected: 11.0(1)
    Affected: 11.6(1)_ES84
    Affected: 11.5(1)_ES54
    Affected: 11.5(1)_ES27
    Affected: 11.5(1)
    Affected: 11.5(1)ES36
    Affected: 12.0(1)_ES01
    Affected: 11.6(1)_ES85
    Affected: 12.5(1)_ES05
    Affected: 11.5(1)_ES32
    Affected: 11.6(1)_ES83
    Affected: 11.5(1)_ES29
    Affected: 12.0(1)_ES06
    Affected: 12.5(1)
    Affected: 12.0(1)_ES07
    Affected: 11.6(1)_ES80
    Affected: 12.0(1)_ES05
    Affected: 11.5(1)_ES36
    Affected: 11.5(1)_ES53
    Affected: 12.5(1)_ES08
    Affected: 11.5(1)ES43
    Affected: 12.0(1)_ES03
    Affected: 11.6(1)_ES86
    Affected: 12.0(1)_ES04
    Affected: 11.5(1)ES27
    Affected: 12.5(1)_ES03
    Affected: 11.6(1)_ES88
    Affected: 12.5(1)_ES06
    Affected: 11.6(1)_ES82
    Affected: 11.6(1)
    Affected: 11.5(1)ES29
    Affected: 12.5(1)_ES04
    Affected: 12.5(1)_ES07
    Affected: 11.6(1)_ES87
    Affected: 11.6(1)_ES81
    Affected: 12.0(1)
    Affected: 11.6(1)_ES22
    Affected: 11.5(1)_ES43
    Affected: 11.5(1)ES32
    Affected: 12.0(1)_ES02
    Affected: 12.5(1)_ES02
    Affected: 12.6(1)
    Affected: 12.5(1)_ES09
    Affected: 12.6(1)_ES01
    Affected: 12.0(1)_ES08
    Affected: 12.5(1)_ES10
    Affected: 12.6(1)_ES02
    Affected: 12.5(1)_ES11
    Affected: 12.5(1)_ES12
    Affected: 12.6(1)_ES03
    Affected: 12.5(1)_ES13
    Affected: 12.5(1)_ES14
    Affected: 12.6(1)_ES04
    Affected: 12.6(1)_ES05
    Affected: 12.5(1)_ES15
    Affected: 12.6(1)_ES06
    Affected: 12.6(1)_ET
    Affected: 12.5(1)_ES16
    Affected: 12.5(1)SU
    Affected: 12.5(1)_SU
    Affected: 12.5(1)_SU_ES01
    Affected: 12.6(1)_ES07
    Affected: 12.6(2)
    Affected: 12.5(1)_ES17
    Affected: 12.6(1)_ES08
    Affected: 12.6(1)_ES09
    Affected: 12.6(1)_ES10
    Affected: 12.5(1)_SU_ES02
    Affected: 12.6(2)_ES01
    Affected: 12.6(2)_ET01
    Affected: 12.5(2)_ET
    Affected: 12.6(2)_ES02
    Affected: 12.6(2)_ET_Streaming
    Affected: 12.6(2)ET_Transcribe
    Affected: 12.6(2)_ES03
    Affected: 12.6(2)ET_NuanceMix
    Affected: 12.6(2)ET_FileUpload
    Affected: 12.6(2)_ET02
    Affected: 12.6(2)_ES04
    Affected: 12.6.2ET_RTPfallback
    Affected: 12.6.2ET_CSCwf55306
    Affected: 12.6.2_ET_CSCwj36712
    Affected: 12.5.2 ET-CSCwj33374
    Affected: 12.5(1) SU ET
    Affected: 12.6(2)ET_CSCwj87296
    Affected: 12.6(2)_ES05
    Affected: 12.5.2_ET_CSCvz27014
    Affected: 12.6(2)_ET
    Affected: 12.6.2-ET
    Affected: 12.6(2)ET_CSCwk83135
    Affected: 12.6.2_ET_CX_ALAW
    Affected: 12.6.2-ET01-SSL
    Affected: 12.6(2)_ES06
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20278",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-06T03:55:33.465322Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:51:08.371Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Finesse",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0(1)ES_Rollback"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)FIPS"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES7"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES8"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES10"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES7"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES7"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES8"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES9"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES9"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES10"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES7"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES7"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES11"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES8"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES8"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "12.5(2)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU ES1"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES7"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES7_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES8"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES9"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES1"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES10"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU ES2"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES11"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES2"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU ES3"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES4"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES5"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco SocialMiner",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.5(1)ES01"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)"
                },
                {
                  "status": "affected",
                  "version": "10.6(1)"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES04"
                },
                {
                  "status": "affected",
                  "version": "10.6(2)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES02"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES03"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU2"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Unified Communications Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.5(1)SU2"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU4"
                },
                {
                  "status": "affected",
                  "version": "14"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU5"
                },
                {
                  "status": "affected",
                  "version": "14SU1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU6"
                },
                {
                  "status": "affected",
                  "version": "14SU2"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU7"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU7a"
                },
                {
                  "status": "affected",
                  "version": "14SU3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU8"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU8a"
                },
                {
                  "status": "affected",
                  "version": "15"
                },
                {
                  "status": "affected",
                  "version": "15SU1"
                },
                {
                  "status": "affected",
                  "version": "14SU4"
                },
                {
                  "status": "affected",
                  "version": "14SU4a"
                },
                {
                  "status": "affected",
                  "version": "15SU1a"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU9"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Unified Communications Manager IM and Presence Service",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU2"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU4"
                },
                {
                  "status": "affected",
                  "version": "14"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU5"
                },
                {
                  "status": "affected",
                  "version": "14SU1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU6"
                },
                {
                  "status": "affected",
                  "version": "14SU2"
                },
                {
                  "status": "affected",
                  "version": "14SU2a"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU7"
                },
                {
                  "status": "affected",
                  "version": "14SU3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU8"
                },
                {
                  "status": "affected",
                  "version": "15"
                },
                {
                  "status": "affected",
                  "version": "Recovery ISO"
                },
                {
                  "status": "affected",
                  "version": "15SU1"
                },
                {
                  "status": "affected",
                  "version": "14SU4"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU9"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Unified Contact Center Express",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "10.6(1)"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "10.6(1)SU3"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)"
                },
                {
                  "status": "affected",
                  "version": "10.0(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "10.6(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU2"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU03_ES01"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU03_ES02"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU02_ES03"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU02_ES04"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU02_ES02"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU01_ES02"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU01_ES03"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU02_ES01"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)ES07"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)ES08"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU01_ES01"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES04"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES02"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES03"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)ES06"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES01"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES03"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES01"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)ES05"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES02"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)ES04"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)ES03"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)ES02"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)ES01"
                },
                {
                  "status": "affected",
                  "version": "10.6(1)SU3ES03"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)SU1ES03"
                },
                {
                  "status": "affected",
                  "version": "10.6(1)SU3ES01"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)SU1ES10"
                },
                {
                  "status": "affected",
                  "version": "10.0(1)SU1ES04"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)SU1ES03"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES02"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES01"
                },
                {
                  "status": "affected",
                  "version": "9.0(2)SU3ES04"
                },
                {
                  "status": "affected",
                  "version": "10.6(1)SU2"
                },
                {
                  "status": "affected",
                  "version": "10.6(1)SU2ES04"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES01"
                },
                {
                  "status": "affected",
                  "version": "10.6(1)SU3ES02"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)SU1ES02"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)SU1ES01"
                },
                {
                  "status": "affected",
                  "version": "8.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)SU1ES02"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU03_ES03"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU03_ES04"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU03_ES05"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU03_ES06"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Unified Intelligence Center",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.6(1)"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.0(2)"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES05_ET"
                },
                {
                  "status": "affected",
                  "version": "11.0(3)"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_504_Issue_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6.1_ExcelIssue_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_Permalink_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6.2_CSCwk19536_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6.2_CSCwm96922_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6.2_Amq_OOS_ET"
                },
                {
                  "status": "affected",
                  "version": "12.5(2)ET_CSCwi79933"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6.2_CSCwn48501_ET"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Unity Connection",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU2"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU4"
                },
                {
                  "status": "affected",
                  "version": "14"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU5"
                },
                {
                  "status": "affected",
                  "version": "14SU1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU6"
                },
                {
                  "status": "affected",
                  "version": "14SU2"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU7"
                },
                {
                  "status": "affected",
                  "version": "14SU3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU8"
                },
                {
                  "status": "affected",
                  "version": "14SU3a"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU8a"
                },
                {
                  "status": "affected",
                  "version": "15"
                },
                {
                  "status": "affected",
                  "version": "15SU1"
                },
                {
                  "status": "affected",
                  "version": "14SU4"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU9"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Virtualized Voice Browser",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES84"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)_ES54"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)_ES27"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES36"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)_ES01"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES85"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES05"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)_ES32"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES83"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)_ES29"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)_ES06"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)_ES07"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES80"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)_ES05"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)_ES36"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)_ES53"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES08"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES43"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)_ES03"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES86"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)_ES04"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES27"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES03"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES88"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES06"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES82"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES29"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES04"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES07"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES87"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES81"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES22"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)_ES43"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES32"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)_ES02"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES02"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES09"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES01"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)_ES08"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES10"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES02"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES11"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES12"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES03"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES13"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES14"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES04"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES05"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES15"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES06"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ET"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES16"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU_ES01"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES07"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES17"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES08"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES09"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES10"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU_ES02"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ES01"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ET01"
                },
                {
                  "status": "affected",
                  "version": "12.5(2)_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ES02"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ET_Streaming"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ET_Transcribe"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ES03"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ET_NuanceMix"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ET_FileUpload"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ET02"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ES04"
                },
                {
                  "status": "affected",
                  "version": "12.6.2ET_RTPfallback"
                },
                {
                  "status": "affected",
                  "version": "12.6.2ET_CSCwf55306"
                },
                {
                  "status": "affected",
                  "version": "12.6.2_ET_CSCwj36712"
                },
                {
                  "status": "affected",
                  "version": "12.5.2 ET-CSCwj33374"
                },
                {
                  "status": "affected",
                  "version": "12.5(1) SU ET"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ET_CSCwj87296"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ES05"
                },
                {
                  "status": "affected",
                  "version": "12.5.2_ET_CSCvz27014"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6.2-ET"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ET_CSCwk83135"
                },
                {
                  "status": "affected",
                  "version": "12.6.2_ET_CX_ALAW"
                },
                {
                  "status": "affected",
                  "version": "12.6.2-ET01-SSL"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ES06"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the CLI of multiple Cisco Unified Communications products could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user.\r\n\r\nThis vulnerability is due to improper validation of user-supplied command arguments. An attacker could exploit this vulnerability by executing crafted commands on the CLI of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user. To exploit this vulnerability, the attacker must have valid administrative credentials."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-04T16:18:20.661Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-vos-command-inject-65s2UCYy",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vos-command-inject-65s2UCYy"
            }
          ],
          "source": {
            "advisory": "cisco-sa-vos-command-inject-65s2UCYy",
            "defects": [
              "CSCwk24029"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Unified Communications Products Command Injection Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20278",
        "datePublished": "2025-06-04T16:18:20.661Z",
        "dateReserved": "2024-10-10T19:15:13.246Z",
        "dateUpdated": "2026-02-26T17:51:08.371Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-20112 (GCVE-0-2025-20112)

    Vulnerability from nvd – Published: 2025-05-21 16:19 – Updated: 2026-02-26 18:28
    VLAI
    Title
    Cisco Unified Communications Products Privilege Escalation Vulnerability
    Summary
    A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to excessive permissions that have been assigned to system commands. An attacker could exploit this vulnerability by executing crafted commands on the underlying operating system. A successful exploit could allow the attacker to escape the restricted shell and gain root privileges on the underlying operating system of an affected device. To successfully exploit this vulnerability, an attacker would need administrative access to the ESXi hypervisor.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Emergency Responder Affected: 12.5(1a)
    Affected: 12.5(1)SU1
    Affected: 12.5(1)
    Affected: 12.5(1)SU2
    Affected: 12.5(1)SU3
    Affected: 12.5(1)SU4
    Affected: 14
    Affected: 12.5(1)SU5
    Affected: 14SU1
    Affected: 12.5(1)SU6
    Affected: 14SU2
    Affected: 12.5(1)SU7
    Affected: 14SU3
    Affected: 12.5(1)SU8
    Affected: 12.5(1)SU8a
    Affected: 12.5(1)SU8b
    Affected: 14SU3a
    Affected: 15
    Affected: 15SU1
    Affected: 15SU1a
    Affected: 14SU4
    Affected: 12.5(1)SU9
    Create a notification for this product.
    Cisco Cisco Finesse Affected: 11.0(1)ES_Rollback
    Affected: 10.5(1)ES4
    Affected: 11.6(1)ES3
    Affected: 11.0(1)ES2
    Affected: 12.0(1)ES2
    Affected: 10.5(1)ES3
    Affected: 11.0(1)
    Affected: 11.6(1)FIPS
    Affected: 11.6(1)ES4
    Affected: 11.0(1)ES3
    Affected: 10.5(1)ES6
    Affected: 11.0(1)ES7
    Affected: 11.5(1)ES4
    Affected: 10.5(1)ES8
    Affected: 11.5(1)
    Affected: 11.6(1)
    Affected: 10.5(1)ES10
    Affected: 11.6(1)ES2
    Affected: 11.6(1)ES
    Affected: 11.0(1)ES6
    Affected: 11.0(1)ES4
    Affected: 12.0(1)
    Affected: 11.6(1)ES7
    Affected: 10.5(1)ES7
    Affected: 11.6(1)ES8
    Affected: 11.5(1)ES1
    Affected: 11.6(1)ES1
    Affected: 11.5(1)ES5
    Affected: 11.0(1)ES1
    Affected: 10.5(1)
    Affected: 11.6(1)ES6
    Affected: 10.5(1)ES2
    Affected: 12.0(1)ES1
    Affected: 11.0(1)ES5
    Affected: 10.5(1)ES5
    Affected: 11.5(1)ES3
    Affected: 11.5(1)ES2
    Affected: 10.5(1)ES9
    Affected: 11.6(1)ES5
    Affected: 11.6(1)ES9
    Affected: 11.5(1)ES6
    Affected: 10.5(1)ES1
    Affected: 12.5(1)
    Affected: 12.0(1)ES3
    Affected: 11.6(1)ES10
    Affected: 12.5(1)ES1
    Affected: 12.5(1)ES2
    Affected: 12.0(1)ES4
    Affected: 12.5(1)ES3
    Affected: 12.0(1)ES5
    Affected: 12.5(1)ES4
    Affected: 12.0(1)ES6
    Affected: 12.5(1)ES5
    Affected: 12.5(1)ES6
    Affected: 12.0(1)ES7
    Affected: 12.6(1)
    Affected: 12.5(1)ES7
    Affected: 11.6(1)ES11
    Affected: 12.6(1)ES1
    Affected: 12.0(1)ES8
    Affected: 12.5(1)ES8
    Affected: 12.6(1)ES2
    Affected: 12.6(1)ES3
    Affected: 12.6(1)ES4
    Affected: 12.6(1)ES5
    Affected: 12.5(2)
    Affected: 12.5(1)_SU
    Affected: 12.5(1)SU
    Affected: 12.6(1)ES6
    Affected: 12.5(1)SU ES1
    Affected: 12.6(1)ES7
    Affected: 12.6(1)ES7_ET
    Affected: 12.6(2)
    Affected: 12.6(1)ES8
    Affected: 12.6(1)ES9
    Affected: 12.6(2)ES1
    Affected: 12.6(1)ES10
    Affected: 12.5(1)SU ES2
    Affected: 12.6(1)ES11
    Affected: 12.6(2)ES2
    Affected: 12.6(2)ES3
    Affected: 12.5(1)SU ES3
    Affected: 12.6(2)ES4
    Affected: 12.6(2)ES6
    Create a notification for this product.
    Cisco Cisco Prime Collaboration Deployment Affected: 11.5(1)
    Affected: 11.0(1a)
    Affected: 11.5(1)SU1
    Affected: 10.5(3)
    Affected: 12.6(1)
    Affected: 11.0(1)
    Affected: 11.6(2)
    Affected: 12.1(1)
    Affected: 12.0(1a)
    Affected: 11.5(3)
    Affected: 10.5(1)
    Affected: 12.5(1)
    Affected: 11.5(2)
    Affected: 11.6(1)
    Affected: 10.5(2)
    Affected: 10.5(3)SU1
    Affected: 14
    Affected: 14SU1
    Affected: 14SU2
    Affected: 14SU3
    Affected: 15
    Affected: 15SU1
    Affected: 14SU4
    Create a notification for this product.
    Cisco Cisco SocialMiner Affected: 12.5(1)ES01
    Affected: 10.5(1)
    Affected: 11.6(1)
    Affected: 10.6(1)
    Affected: 12.0(1)ES04
    Affected: 10.6(2)
    Affected: 12.5(1)
    Affected: 11.6(2)
    Affected: 12.0(1)
    Affected: 12.0(1)ES02
    Affected: 11.0(1)
    Affected: 11.5(1)
    Affected: 11.5(1)SU1
    Affected: 12.0(1)ES03
    Affected: 12.5(1)SU3
    Affected: 12.5(1)SU1
    Affected: 12.5(1)SU2
    Create a notification for this product.
    Cisco Cisco Unified Communications Manager Affected: 12.5(1)SU2
    Affected: 12.5(1)SU1
    Affected: 12.5(1)
    Affected: 12.5(1)SU3
    Affected: 12.5(1)SU4
    Affected: 14
    Affected: 12.5(1)SU5
    Affected: 14SU1
    Affected: 12.5(1)SU6
    Affected: 14SU2
    Affected: 12.5(1)SU7
    Affected: 12.5(1)SU7a
    Affected: 14SU3
    Affected: 12.5(1)SU8
    Affected: 12.5(1)SU8a
    Affected: 15
    Affected: 15SU1
    Affected: 14SU4
    Affected: 14SU4a
    Affected: 15SU1a
    Affected: 12.5(1)SU9
    Create a notification for this product.
    Cisco Cisco Unified Communications Manager IM and Presence Service Affected: 12.5(1)
    Affected: 12.5(1)SU1
    Affected: 12.5(1)SU2
    Affected: 12.5(1)SU3
    Affected: 12.5(1)SU4
    Affected: 14
    Affected: 12.5(1)SU5
    Affected: 14SU1
    Affected: 12.5(1)SU6
    Affected: 14SU2
    Affected: 14SU2a
    Affected: 12.5(1)SU7
    Affected: 14SU3
    Affected: 12.5(1)SU8
    Affected: 15
    Affected: 15SU1
    Affected: 14SU4
    Affected: 12.5(1)SU9
    Create a notification for this product.
    Cisco Cisco Unified Contact Center Express Affected: 10.5(1)SU1
    Affected: 10.6(1)
    Affected: 11.6(1)
    Affected: 10.6(1)SU1
    Affected: 10.6(1)SU3
    Affected: 11.6(2)
    Affected: 12.0(1)
    Affected: 10.0(1)SU1
    Affected: 11.0(1)SU1
    Affected: 11.5(1)SU1
    Affected: 10.5(1)
    Affected: 12.5(1)
    Affected: 12.5(1)SU1
    Affected: 12.5(1)SU2
    Affected: 12.5(1)SU3
    Affected: 12.5(1)_SU03_ES01
    Affected: 12.5(1)_SU03_ES02
    Affected: 12.5(1)_SU02_ES03
    Affected: 12.5(1)_SU02_ES04
    Affected: 12.5(1)_SU02_ES02
    Affected: 12.5(1)_SU01_ES02
    Affected: 12.5(1)_SU01_ES03
    Affected: 12.5(1)_SU02_ES01
    Affected: 11.6(2)ES07
    Affected: 11.6(2)ES08
    Affected: 12.5(1)_SU01_ES01
    Affected: 12.0(1)ES04
    Affected: 12.5(1)ES02
    Affected: 12.5(1)ES03
    Affected: 11.6(2)ES06
    Affected: 12.5(1)ES01
    Affected: 12.0(1)ES03
    Affected: 12.0(1)ES01
    Affected: 11.6(2)ES05
    Affected: 12.0(1)ES02
    Affected: 11.6(2)ES04
    Affected: 11.6(2)ES03
    Affected: 11.6(2)ES02
    Affected: 11.6(2)ES01
    Affected: 10.6(1)SU3ES03
    Affected: 11.0(1)SU1ES03
    Affected: 10.6(1)SU3ES01
    Affected: 10.5(1)SU1ES10
    Affected: 10.0(1)SU1ES04
    Affected: 11.5(1)SU1ES03
    Affected: 11.6(1)ES02
    Affected: 11.5(1)ES01
    Affected: 9.0(2)SU3ES04
    Affected: 10.6(1)SU2
    Affected: 10.6(1)SU2ES04
    Affected: 11.6(1)ES01
    Affected: 10.6(1)SU3ES02
    Affected: 11.5(1)SU1ES02
    Affected: 11.5(1)SU1ES01
    Affected: 8.5(1)SU4ES09
    Affected: 8.5(1)
    Affected: 11.0(1)SU1ES02
    Affected: 12.5(1)_SU03_ES03
    Affected: 12.5(1)_SU03_ES04
    Affected: 12.5(1)_SU03_ES05
    Affected: 12.5(1)_SU03_ES06
    Create a notification for this product.
    Cisco Cisco Unified Intelligence Center Affected: 11.6(1)
    Affected: 10.5(1)
    Affected: 11.0(1)
    Affected: 11.5(1)
    Affected: 12.0(1)
    Affected: 12.5(1)
    Affected: 11.0(2)
    Affected: 12.6(1)
    Affected: 12.5(1)SU
    Affected: 12.6(1)_ET
    Affected: 12.6(1)_ES05_ET
    Affected: 11.0(3)
    Affected: 12.6(2)
    Affected: 12.6(2)_504_Issue_ET
    Affected: 12.6.1_ExcelIssue_ET
    Affected: 12.6(2)_Permalink_ET
    Affected: 12.6.2_CSCwk19536_ET
    Affected: 12.6.2_CSCwm96922_ET
    Affected: 12.6.2_Amq_OOS_ET
    Affected: 12.5(2)ET_CSCwi79933
    Affected: 12.6(2)_ET
    Affected: 12.6.2_CSCwn48501_ET
    Create a notification for this product.
    Cisco Cisco Unity Connection Affected: 12.5(1)
    Affected: 12.5(1)SU1
    Affected: 12.5(1)SU2
    Affected: 12.5(1)SU3
    Affected: 12.5(1)SU4
    Affected: 14
    Affected: 12.5(1)SU5
    Affected: 14SU1
    Affected: 12.5(1)SU6
    Affected: 14SU2
    Affected: 12.5(1)SU7
    Affected: 14SU3
    Affected: 12.5(1)SU8
    Affected: 14SU3a
    Affected: 12.5(1)SU8a
    Affected: 15
    Affected: 15SU1
    Affected: 14SU4
    Affected: 12.5(1)SU9
    Create a notification for this product.
    Cisco Cisco Virtualized Voice Browser Affected: 11.0(1)
    Affected: 11.6(1)_ES84
    Affected: 11.5(1)_ES54
    Affected: 11.5(1)_ES27
    Affected: 11.5(1)
    Affected: 11.5(1)ES36
    Affected: 12.0(1)_ES01
    Affected: 11.6(1)_ES85
    Affected: 12.5(1)_ES05
    Affected: 11.5(1)_ES32
    Affected: 11.6(1)_ES83
    Affected: 11.5(1)_ES29
    Affected: 12.0(1)_ES06
    Affected: 12.5(1)
    Affected: 12.0(1)_ES07
    Affected: 11.6(1)_ES80
    Affected: 12.0(1)_ES05
    Affected: 11.5(1)_ES36
    Affected: 11.5(1)_ES53
    Affected: 12.5(1)_ES08
    Affected: 11.5(1)ES43
    Affected: 12.0(1)_ES03
    Affected: 11.6(1)_ES86
    Affected: 12.0(1)_ES04
    Affected: 11.5(1)ES27
    Affected: 12.5(1)_ES03
    Affected: 11.6(1)_ES88
    Affected: 12.5(1)_ES06
    Affected: 11.6(1)_ES82
    Affected: 11.6(1)
    Affected: 11.5(1)ES29
    Affected: 12.5(1)_ES04
    Affected: 12.5(1)_ES07
    Affected: 11.6(1)_ES87
    Affected: 11.6(1)_ES81
    Affected: 12.0(1)
    Affected: 11.6(1)_ES22
    Affected: 11.5(1)_ES43
    Affected: 11.5(1)ES32
    Affected: 12.0(1)_ES02
    Affected: 12.5(1)_ES02
    Affected: 12.6(1)
    Affected: 12.5(1)_ES09
    Affected: 12.6(1)_ES01
    Affected: 12.0(1)_ES08
    Affected: 12.5(1)_ES10
    Affected: 12.6(1)_ES02
    Affected: 12.5(1)_ES11
    Affected: 12.5(1)_ES12
    Affected: 12.6(1)_ES03
    Affected: 12.5(1)_ES13
    Affected: 12.5(1)_ES14
    Affected: 12.6(1)_ES04
    Affected: 12.6(1)_ES05
    Affected: 12.5(1)_ES15
    Affected: 12.6(1)_ES06
    Affected: 12.6(1)_ET
    Affected: 12.5(1)_ES16
    Affected: 12.5(1)SU
    Affected: 12.5(1)_SU
    Affected: 12.5(1)_SU_ES01
    Affected: 12.6(1)_ES07
    Affected: 12.6(2)
    Affected: 12.5(1)_ES17
    Affected: 12.6(1)_ES08
    Affected: 12.6(1)_ES09
    Affected: 12.6(1)_ES10
    Affected: 12.5(1)_SU_ES02
    Affected: 12.6(2)_ES01
    Affected: 12.6(2)_ET01
    Affected: 12.5(2)_ET
    Affected: 12.6(2)_ES02
    Affected: 12.6(2)_ET_Streaming
    Affected: 12.6(2)ET_Transcribe
    Affected: 12.6(2)_ES03
    Affected: 12.6(2)ET_NuanceMix
    Affected: 12.6(2)ET_FileUpload
    Affected: 12.6(2)_ET02
    Affected: 12.6(2)_ES04
    Affected: 12.6.2ET_RTPfallback
    Affected: 12.6.2ET_CSCwf55306
    Affected: 12.6.2_ET_CSCwj36712
    Affected: 12.5.2 ET-CSCwj33374
    Affected: 12.5(1) SU ET
    Affected: 12.6(2)ET_CSCwj87296
    Affected: 12.6(2)_ES05
    Affected: 12.5.2_ET_CSCvz27014
    Affected: 12.6(2)_ET
    Affected: 12.6.2-ET
    Affected: 12.6(2)ET_CSCwk83135
    Affected: 12.6.2_ET_CX_ALAW
    Affected: 12.6.2-ET01-SSL
    Affected: 12.6(2)_ES06
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20112",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-22T03:55:23.838603Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T18:28:03.732Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Emergency Responder",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.5(1a)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU2"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU4"
                },
                {
                  "status": "affected",
                  "version": "14"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU5"
                },
                {
                  "status": "affected",
                  "version": "14SU1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU6"
                },
                {
                  "status": "affected",
                  "version": "14SU2"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU7"
                },
                {
                  "status": "affected",
                  "version": "14SU3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU8"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU8a"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU8b"
                },
                {
                  "status": "affected",
                  "version": "14SU3a"
                },
                {
                  "status": "affected",
                  "version": "15"
                },
                {
                  "status": "affected",
                  "version": "15SU1"
                },
                {
                  "status": "affected",
                  "version": "15SU1a"
                },
                {
                  "status": "affected",
                  "version": "14SU4"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU9"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Finesse",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0(1)ES_Rollback"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)FIPS"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES7"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES8"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES10"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES7"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES7"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES8"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES9"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES9"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES10"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES7"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES7"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES11"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES8"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES8"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "12.5(2)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU ES1"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES7"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES7_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES8"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES9"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES1"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES10"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU ES2"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES11"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES2"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU ES3"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES4"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES6"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Prime Collaboration Deployment",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.0(1a)"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "10.5(3)"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)"
                },
                {
                  "status": "affected",
                  "version": "12.1(1)"
                },
                {
                  "status": "affected",
                  "version": "12.0(1a)"
                },
                {
                  "status": "affected",
                  "version": "11.5(3)"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.5(2)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)"
                },
                {
                  "status": "affected",
                  "version": "10.5(2)"
                },
                {
                  "status": "affected",
                  "version": "10.5(3)SU1"
                },
                {
                  "status": "affected",
                  "version": "14"
                },
                {
                  "status": "affected",
                  "version": "14SU1"
                },
                {
                  "status": "affected",
                  "version": "14SU2"
                },
                {
                  "status": "affected",
                  "version": "14SU3"
                },
                {
                  "status": "affected",
                  "version": "15"
                },
                {
                  "status": "affected",
                  "version": "15SU1"
                },
                {
                  "status": "affected",
                  "version": "14SU4"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco SocialMiner",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.5(1)ES01"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)"
                },
                {
                  "status": "affected",
                  "version": "10.6(1)"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES04"
                },
                {
                  "status": "affected",
                  "version": "10.6(2)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES02"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES03"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU2"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Unified Communications Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.5(1)SU2"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU4"
                },
                {
                  "status": "affected",
                  "version": "14"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU5"
                },
                {
                  "status": "affected",
                  "version": "14SU1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU6"
                },
                {
                  "status": "affected",
                  "version": "14SU2"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU7"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU7a"
                },
                {
                  "status": "affected",
                  "version": "14SU3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU8"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU8a"
                },
                {
                  "status": "affected",
                  "version": "15"
                },
                {
                  "status": "affected",
                  "version": "15SU1"
                },
                {
                  "status": "affected",
                  "version": "14SU4"
                },
                {
                  "status": "affected",
                  "version": "14SU4a"
                },
                {
                  "status": "affected",
                  "version": "15SU1a"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU9"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Unified Communications Manager IM and Presence Service",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU2"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU4"
                },
                {
                  "status": "affected",
                  "version": "14"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU5"
                },
                {
                  "status": "affected",
                  "version": "14SU1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU6"
                },
                {
                  "status": "affected",
                  "version": "14SU2"
                },
                {
                  "status": "affected",
                  "version": "14SU2a"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU7"
                },
                {
                  "status": "affected",
                  "version": "14SU3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU8"
                },
                {
                  "status": "affected",
                  "version": "15"
                },
                {
                  "status": "affected",
                  "version": "15SU1"
                },
                {
                  "status": "affected",
                  "version": "14SU4"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU9"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Unified Contact Center Express",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "10.5(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "10.6(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)"
                },
                {
                  "status": "affected",
                  "version": "10.6(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "10.6(1)SU3"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)"
                },
                {
                  "status": "affected",
                  "version": "10.0(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU2"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU03_ES01"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU03_ES02"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU02_ES03"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU02_ES04"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU02_ES02"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU01_ES02"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU01_ES03"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU02_ES01"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)ES07"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)ES08"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU01_ES01"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES04"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES02"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES03"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)ES06"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES01"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES03"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES01"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)ES05"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES02"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)ES04"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)ES03"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)ES02"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)ES01"
                },
                {
                  "status": "affected",
                  "version": "10.6(1)SU3ES03"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)SU1ES03"
                },
                {
                  "status": "affected",
                  "version": "10.6(1)SU3ES01"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)SU1ES10"
                },
                {
                  "status": "affected",
                  "version": "10.0(1)SU1ES04"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)SU1ES03"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES02"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES01"
                },
                {
                  "status": "affected",
                  "version": "9.0(2)SU3ES04"
                },
                {
                  "status": "affected",
                  "version": "10.6(1)SU2"
                },
                {
                  "status": "affected",
                  "version": "10.6(1)SU2ES04"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES01"
                },
                {
                  "status": "affected",
                  "version": "10.6(1)SU3ES02"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)SU1ES02"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)SU1ES01"
                },
                {
                  "status": "affected",
                  "version": "8.5(1)SU4ES09"
                },
                {
                  "status": "affected",
                  "version": "8.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)SU1ES02"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU03_ES03"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU03_ES04"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU03_ES05"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU03_ES06"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Unified Intelligence Center",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.6(1)"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.0(2)"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES05_ET"
                },
                {
                  "status": "affected",
                  "version": "11.0(3)"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_504_Issue_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6.1_ExcelIssue_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_Permalink_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6.2_CSCwk19536_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6.2_CSCwm96922_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6.2_Amq_OOS_ET"
                },
                {
                  "status": "affected",
                  "version": "12.5(2)ET_CSCwi79933"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6.2_CSCwn48501_ET"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Unity Connection",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU2"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU4"
                },
                {
                  "status": "affected",
                  "version": "14"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU5"
                },
                {
                  "status": "affected",
                  "version": "14SU1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU6"
                },
                {
                  "status": "affected",
                  "version": "14SU2"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU7"
                },
                {
                  "status": "affected",
                  "version": "14SU3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU8"
                },
                {
                  "status": "affected",
                  "version": "14SU3a"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU8a"
                },
                {
                  "status": "affected",
                  "version": "15"
                },
                {
                  "status": "affected",
                  "version": "15SU1"
                },
                {
                  "status": "affected",
                  "version": "14SU4"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU9"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Virtualized Voice Browser",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES84"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)_ES54"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)_ES27"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES36"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)_ES01"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES85"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES05"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)_ES32"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES83"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)_ES29"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)_ES06"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)_ES07"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES80"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)_ES05"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)_ES36"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)_ES53"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES08"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES43"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)_ES03"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES86"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)_ES04"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES27"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES03"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES88"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES06"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES82"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES29"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES04"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES07"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES87"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES81"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES22"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)_ES43"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES32"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)_ES02"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES02"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES09"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES01"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)_ES08"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES10"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES02"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES11"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES12"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES03"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES13"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES14"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES04"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES05"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES15"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES06"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ET"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES16"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU_ES01"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES07"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES17"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES08"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES09"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES10"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU_ES02"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ES01"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ET01"
                },
                {
                  "status": "affected",
                  "version": "12.5(2)_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ES02"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ET_Streaming"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ET_Transcribe"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ES03"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ET_NuanceMix"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ET_FileUpload"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ET02"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ES04"
                },
                {
                  "status": "affected",
                  "version": "12.6.2ET_RTPfallback"
                },
                {
                  "status": "affected",
                  "version": "12.6.2ET_CSCwf55306"
                },
                {
                  "status": "affected",
                  "version": "12.6.2_ET_CSCwj36712"
                },
                {
                  "status": "affected",
                  "version": "12.5.2 ET-CSCwj33374"
                },
                {
                  "status": "affected",
                  "version": "12.5(1) SU ET"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ET_CSCwj87296"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ES05"
                },
                {
                  "status": "affected",
                  "version": "12.5.2_ET_CSCvz27014"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6.2-ET"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ET_CSCwk83135"
                },
                {
                  "status": "affected",
                  "version": "12.6.2_ET_CX_ALAW"
                },
                {
                  "status": "affected",
                  "version": "12.6.2-ET01-SSL"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ES06"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an authenticated, local attacker to elevate privileges to root on an affected device.\r\n\r\nThis vulnerability is due to excessive permissions that have been assigned to system commands.\u0026nbsp;An attacker could exploit this vulnerability by executing crafted commands on the underlying operating system. A successful exploit could allow the attacker to escape the restricted shell and gain root privileges on the underlying operating system of an affected device. To successfully exploit this vulnerability, an attacker would need administrative access to the ESXi hypervisor."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-268",
                  "description": "Privilege Chaining",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-21T16:19:24.562Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-cucm-kkhZbHR5",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-kkhZbHR5"
            }
          ],
          "source": {
            "advisory": "cisco-sa-cucm-kkhZbHR5",
            "defects": [
              "CSCwi52980"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Unified Communications Products Privilege Escalation Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20112",
        "datePublished": "2025-05-21T16:19:24.562Z",
        "dateReserved": "2024-10-10T19:15:13.210Z",
        "dateUpdated": "2026-02-26T18:28:03.732Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-20405 (GCVE-0-2024-20405)

    Vulnerability from nvd – Published: 2024-06-05 16:15 – Updated: 2024-08-01 21:59
    VLAI
    Summary
    A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a stored XSS attack by exploiting an RFI vulnerability. This vulnerability is due to insufficient validation of user-supplied input for specific HTTP requests that are sent to an affected device. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive information on the affected device.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20405",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-07T17:17:33.480316Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-07T17:17:41.695Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:59:42.434Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-finesse-ssrf-rfi-Um7wT8Ew",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-finesse-ssrf-rfi-Um7wT8Ew"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Unified Contact Center Enterprise",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "N/A"
                }
              ]
            },
            {
              "product": "Cisco Unified Contact Center Express",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "N/A"
                }
              ]
            },
            {
              "product": "Cisco Finesse",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.6(2)"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES1"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES2"
                }
              ]
            },
            {
              "product": "Cisco Packaged Contact Center Enterprise",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "N/A"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a stored XSS attack by exploiting an RFI vulnerability. \r\n\r This vulnerability is due to insufficient validation of user-supplied input for specific HTTP requests that are sent to an affected device. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive information on the affected device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "Improper Input Validation",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-06-05T16:15:22.185Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-finesse-ssrf-rfi-Um7wT8Ew",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-finesse-ssrf-rfi-Um7wT8Ew"
            }
          ],
          "source": {
            "advisory": "cisco-sa-finesse-ssrf-rfi-Um7wT8Ew",
            "defects": [
              "CSCwh95276"
            ],
            "discovery": "EXTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20405",
        "datePublished": "2024-06-05T16:15:22.185Z",
        "dateReserved": "2023-11-08T15:08:07.661Z",
        "dateUpdated": "2024-08-01T21:59:42.434Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-20404 (GCVE-0-2024-20404)

    Vulnerability from nvd – Published: 2024-06-05 16:14 – Updated: 2024-08-01 21:59
    Summary
    A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct an SSRF attack on an affected system. This vulnerability is due to insufficient validation of user-supplied input for specific HTTP requests that are sent to an affected system. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to obtain limited sensitive information for services that are associated to the affected device.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-918 - Server-Side Request Forgery (SSRF)
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20404",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-05T18:11:49.476249Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-05T18:12:02.959Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:59:42.723Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-finesse-ssrf-rfi-Um7wT8Ew",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-finesse-ssrf-rfi-Um7wT8Ew"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Unified Contact Center Enterprise",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "N/A"
                }
              ]
            },
            {
              "product": "Cisco Unified Contact Center Express",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "N/A"
                }
              ]
            },
            {
              "product": "Cisco Finesse",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.6(2)"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES1"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES2"
                }
              ]
            },
            {
              "product": "Cisco Packaged Contact Center Enterprise",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "N/A"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct an SSRF attack on an affected system.\r\n\r This vulnerability is due to insufficient validation of user-supplied input for specific HTTP requests that are sent to an affected system. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to obtain limited sensitive information for services that are associated to the affected device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-918",
                  "description": "Server-Side Request Forgery (SSRF)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-06-05T16:14:23.637Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-finesse-ssrf-rfi-Um7wT8Ew",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-finesse-ssrf-rfi-Um7wT8Ew"
            }
          ],
          "source": {
            "advisory": "cisco-sa-finesse-ssrf-rfi-Um7wT8Ew",
            "defects": [
              "CSCwh95292"
            ],
            "discovery": "EXTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20404",
        "datePublished": "2024-06-05T16:14:23.637Z",
        "dateReserved": "2023-11-08T15:08:07.661Z",
        "dateUpdated": "2024-08-01T21:59:42.723Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-3159 (GCVE-0-2020-3159)

    Vulnerability from nvd – Published: 2020-02-19 19:15 – Updated: 2024-11-15 17:41
    VLAI
    Title
    Cisco Finesse Web-Based Management Interface Cross-Site Scripting Vulnerability
    Summary
    A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user to click a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Vendor Product Version
    Cisco Cisco Finesse Affected: unspecified , < n/a (custom)
    Create a notification for this product.
    Date Public
    2020-02-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:24:00.673Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20200219 Cisco Finesse Web-Based Management Interface Cross-Site Scripting Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-finesse-xss-6OgfQkUT"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-3159",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-15T16:29:24.836499Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-15T17:41:05.357Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Finesse",
              "vendor": "Cisco",
              "versions": [
                {
                  "lessThan": "n/a",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2020-02-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user to click a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-02-19T19:15:33.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20200219 Cisco Finesse Web-Based Management Interface Cross-Site Scripting Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-finesse-xss-6OgfQkUT"
            }
          ],
          "source": {
            "advisory": "cisco-sa-finesse-xss-6OgfQkUT",
            "defect": [
              [
                "CSCvp73107"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco Finesse Web-Based Management Interface Cross-Site Scripting Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2020-02-19T16:00:00-0800",
              "ID": "CVE-2020-3159",
              "STATE": "PUBLIC",
              "TITLE": "Cisco Finesse Web-Based Management Interface Cross-Site Scripting Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco Finesse",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003c",
                                "version_affected": "\u003c",
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user to click a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "6.1",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-79"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20200219 Cisco Finesse Web-Based Management Interface Cross-Site Scripting Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-finesse-xss-6OgfQkUT"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-finesse-xss-6OgfQkUT",
              "defect": [
                [
                  "CSCvp73107"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2020-3159",
        "datePublished": "2020-02-19T19:15:33.192Z",
        "dateReserved": "2019-12-12T00:00:00.000Z",
        "dateUpdated": "2024-11-15T17:41:05.357Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-15278 (GCVE-0-2019-15278)

    Vulnerability from nvd – Published: 2020-01-26 04:50 – Updated: 2024-11-15 17:43
    VLAI
    Title
    Cisco Finesse Cross-Site Scripting Vulnerability
    Summary
    A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to bypass authorization and access sensitive information related to the device. The vulnerability exists because the software fails to sanitize URLs before it handles requests. An attacker could exploit this vulnerability by submitting a crafted URL. A successful exploit could allow the attacker to gain unauthorized access to sensitive information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Vendor Product Version
    Cisco Cisco Finesse Affected: unspecified , < n/a (custom)
    Create a notification for this product.
    Date Public
    2020-01-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T00:42:03.999Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20200108 Cisco Finesse Cross-Site Scripting Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200108-finesse-xss"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2019-15278",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-15T16:29:37.761306Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-15T17:43:47.348Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Finesse",
              "vendor": "Cisco",
              "versions": [
                {
                  "lessThan": "n/a",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2020-01-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to bypass authorization and access sensitive information related to the device. The vulnerability exists because the software fails to sanitize URLs before it handles requests. An attacker could exploit this vulnerability by submitting a crafted URL. A successful exploit could allow the attacker to gain unauthorized access to sensitive information."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-01-26T04:50:14.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20200108 Cisco Finesse Cross-Site Scripting Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200108-finesse-xss"
            }
          ],
          "source": {
            "advisory": "cisco-sa-20200108-finesse-xss",
            "defect": [
              [
                "CSCvr19591",
                "CSCvr33151"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco Finesse Cross-Site Scripting Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2020-01-08T16:00:00-0800",
              "ID": "CVE-2019-15278",
              "STATE": "PUBLIC",
              "TITLE": "Cisco Finesse Cross-Site Scripting Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco Finesse",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003c",
                                "version_affected": "\u003c",
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to bypass authorization and access sensitive information related to the device. The vulnerability exists because the software fails to sanitize URLs before it handles requests. An attacker could exploit this vulnerability by submitting a crafted URL. A successful exploit could allow the attacker to gain unauthorized access to sensitive information."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "6.1",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-79"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20200108 Cisco Finesse Cross-Site Scripting Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200108-finesse-xss"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-20200108-finesse-xss",
              "defect": [
                [
                  "CSCvr19591",
                  "CSCvr33151"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2019-15278",
        "datePublished": "2020-01-26T04:50:14.717Z",
        "dateReserved": "2019-08-20T00:00:00.000Z",
        "dateUpdated": "2024-11-15T17:43:47.348Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-12632 (GCVE-0-2019-12632)

    Vulnerability from nvd – Published: 2019-09-05 01:15 – Updated: 2024-11-19 18:57
    VLAI
    Title
    Cisco Finesse Request Processing Server-Side Request Forgery Vulnerability
    Summary
    A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to bypass access controls and conduct a server-side request forgery (SSRF) attack on an affected system. The vulnerability exists because the affected system does not properly validate user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to a user of the web application. A successful exploit could allow the attacker to access the system and perform unauthorized actions.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Vendor Product Version
    Cisco Cisco Finesse Affected: unspecified , < 12.0(1)ES01 (custom)
    Create a notification for this product.
    Date Public
    2019-09-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T23:24:39.208Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20190904 Cisco Finesse Request Processing Server-Side Request Forgery Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190904-finesse-ssrf"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2019-12632",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-19T17:23:12.181887Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-19T18:57:28.338Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Finesse",
              "vendor": "Cisco",
              "versions": [
                {
                  "lessThan": "12.0(1)ES01",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2019-09-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to bypass access controls and conduct a server-side request forgery (SSRF) attack on an affected system. The vulnerability exists because the affected system does not properly validate user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to a user of the web application. A successful exploit could allow the attacker to access the system and perform unauthorized actions."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-09-05T01:15:16.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20190904 Cisco Finesse Request Processing Server-Side Request Forgery Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190904-finesse-ssrf"
            }
          ],
          "source": {
            "advisory": "cisco-sa-20190904-finesse-ssrf",
            "defect": [
              [
                "CSCvo92074"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco Finesse Request Processing Server-Side Request Forgery Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2019-09-04T16:00:00-0700",
              "ID": "CVE-2019-12632",
              "STATE": "PUBLIC",
              "TITLE": "Cisco Finesse Request Processing Server-Side Request Forgery Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco Finesse",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003c",
                                "version_affected": "\u003c",
                                "version_value": "12.0(1)ES01"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to bypass access controls and conduct a server-side request forgery (SSRF) attack on an affected system. The vulnerability exists because the affected system does not properly validate user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to a user of the web application. A successful exploit could allow the attacker to access the system and perform unauthorized actions."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "5.3",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-20"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20190904 Cisco Finesse Request Processing Server-Side Request Forgery Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190904-finesse-ssrf"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-20190904-finesse-ssrf",
              "defect": [
                [
                  "CSCvo92074"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2019-12632",
        "datePublished": "2019-09-05T01:15:16.226Z",
        "dateReserved": "2019-06-04T00:00:00.000Z",
        "dateUpdated": "2024-11-19T18:57:28.338Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2026-20175 (GCVE-0-2026-20175)

    Vulnerability from cvelistv5 – Published: 2026-06-03 16:06 – Updated: 2026-06-03 17:46
    VLAI
    Title
    Cisco Finesse File Inclusion Vulnerability
    Summary
    A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to load arbitrary files from remote locations into an active user session on an affected device, possibly leading to browser-based attacks. This vulnerability is due to insufficient validation of user-supplied input for HTTP requests that are sent to an affected device. An attacker who has knowledge of the address of the affected device could exploit this vulnerability by persuading a user to click a crafted link that contains the affected device address. A successful exploit could allow the attacker to conduct browser-based attacks and execute arbitrary script code in the context of the affected interface or access sensitive information on the affected device.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-73 - External Control of File Name or Path
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Finesse Affected: 11.0(1)ES_Rollback
    Affected: 10.5(1)ES4
    Affected: 11.6(1)ES3
    Affected: 11.0(1)ES2
    Affected: 12.0(1)ES2
    Affected: 10.5(1)ES3
    Affected: 11.0(1)
    Affected: 11.6(1)FIPS
    Affected: 11.6(1)ES4
    Affected: 11.0(1)ES3
    Affected: 10.5(1)ES6
    Affected: 11.0(1)ES7
    Affected: 11.5(1)ES4
    Affected: 10.5(1)ES8
    Affected: 11.5(1)
    Affected: 11.6(1)
    Affected: 10.5(1)ES10
    Affected: 11.6(1)ES2
    Affected: 11.6(1)ES
    Affected: 11.0(1)ES6
    Affected: 11.0(1)ES4
    Affected: 12.0(1)
    Affected: 11.6(1)ES7
    Affected: 10.5(1)ES7
    Affected: 11.6(1)ES8
    Affected: 11.5(1)ES1
    Affected: 11.6(1)ES1
    Affected: 11.5(1)ES5
    Affected: 11.0(1)ES1
    Affected: 10.5(1)
    Affected: 11.6(1)ES6
    Affected: 10.5(1)ES2
    Affected: 12.0(1)ES1
    Affected: 11.0(1)ES5
    Affected: 10.5(1)ES5
    Affected: 11.5(1)ES3
    Affected: 11.5(1)ES2
    Affected: 10.5(1)ES9
    Affected: 11.6(1)ES5
    Affected: 11.6(1)ES9
    Affected: 11.5(1)ES6
    Affected: 10.5(1)ES1
    Affected: 12.5(1)
    Affected: 12.0(1)ES3
    Affected: 11.6(1)ES10
    Affected: 12.5(1)ES1
    Affected: 12.5(1)ES2
    Affected: 12.0(1)ES4
    Affected: 12.5(1)ES3
    Affected: 12.0(1)ES5
    Affected: 12.5(1)ES4
    Affected: 12.0(1)ES6
    Affected: 12.5(1)ES5
    Affected: 12.5(1)ES6
    Affected: 12.0(1)ES7
    Affected: 12.6(1)
    Affected: 12.5(1)ES7
    Affected: 11.6(1)ES11
    Affected: 12.6(1)ES1
    Affected: 12.0(1)ES8
    Affected: 12.5(1)ES8
    Affected: 12.6(1)ES2
    Affected: 12.6(1)ES3
    Affected: 12.6(1)ES4
    Affected: 12.6(1)ES5
    Affected: 12.5(2)
    Affected: 12.5(1)_SU
    Affected: 12.5(1)SU
    Affected: 12.6(1)ES6
    Affected: 12.5(1)SU ES1
    Affected: 12.6(1)ES7
    Affected: 12.6(1)ES7_ET
    Affected: 12.6(2)
    Affected: 12.6(1)ES8
    Affected: 12.6(1)ES9
    Affected: 12.6(2)ES1
    Affected: 12.6(1)ES10
    Affected: 12.5(1)SU ES2
    Affected: 12.6(1)ES11
    Affected: 12.6(2)ES2
    Affected: 12.6(2)ES3
    Affected: 12.5(1)SU ES3
    Affected: 12.6(2)ES4
    Affected: 12.6(2)ES5
    Affected: 15.0(1)
    Affected: 12.6(2)ES6
    Affected: 15.0(1)ES202508
    Affected: 15.0(1)ES202511
    Affected: 15.0(1)ES202602
    Affected: 15.0(1)SU1
    Affected: 12.6(2)ES7
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-20175",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-03T17:45:48.882718Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-03T17:46:00.557Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Finesse",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0(1)ES_Rollback"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)FIPS"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES7"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES8"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES10"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES7"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES7"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES8"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES9"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES9"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES10"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES7"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES7"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES11"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES8"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES8"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "12.5(2)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU ES1"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES7"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES7_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES8"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES9"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES1"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES10"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU ES2"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES11"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES2"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU ES3"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES4"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES5"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES6"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)ES202508"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)ES202511"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)ES202602"
                },
                {
                  "status": "affected",
                  "version": "15.0(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES7"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to load arbitrary files from remote locations into an active user session on an affected device, possibly leading to browser-based attacks.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input for HTTP requests that are sent to an affected device. An attacker who has knowledge of the address of the affected device could exploit this vulnerability by persuading a user to click a crafted link that contains the affected device address. A successful exploit could allow the attacker to conduct browser-based attacks and execute arbitrary script code in the context of the affected interface or access sensitive information on the affected device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-73",
                  "description": "External Control of File Name or Path",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-03T16:06:15.233Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-finesse-rfi-gwpkdc89",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-finesse-rfi-gwpkdc89"
            }
          ],
          "source": {
            "advisory": "cisco-sa-finesse-rfi-gwpkdc89",
            "defects": [
              "CSCws76655"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Finesse File Inclusion Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2026-20175",
        "datePublished": "2026-06-03T16:06:15.233Z",
        "dateReserved": "2025-10-08T11:59:15.392Z",
        "dateUpdated": "2026-06-03T17:46:00.557Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-20278 (GCVE-0-2025-20278)

    Vulnerability from cvelistv5 – Published: 2025-06-04 16:18 – Updated: 2026-02-26 17:51
    VLAI
    Title
    Cisco Unified Communications Products Command Injection Vulnerability
    Summary
    A vulnerability in the CLI of multiple Cisco Unified Communications products could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user. This vulnerability is due to improper validation of user-supplied command arguments. An attacker could exploit this vulnerability by executing crafted commands on the CLI of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user. To exploit this vulnerability, the attacker must have valid administrative credentials.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Finesse Affected: 11.0(1)ES_Rollback
    Affected: 10.5(1)ES4
    Affected: 11.6(1)ES3
    Affected: 11.0(1)ES2
    Affected: 12.0(1)ES2
    Affected: 10.5(1)ES3
    Affected: 11.0(1)
    Affected: 11.6(1)FIPS
    Affected: 11.6(1)ES4
    Affected: 11.0(1)ES3
    Affected: 10.5(1)ES6
    Affected: 11.0(1)ES7
    Affected: 11.5(1)ES4
    Affected: 10.5(1)ES8
    Affected: 11.5(1)
    Affected: 11.6(1)
    Affected: 10.5(1)ES10
    Affected: 11.6(1)ES2
    Affected: 11.6(1)ES
    Affected: 11.0(1)ES6
    Affected: 11.0(1)ES4
    Affected: 12.0(1)
    Affected: 11.6(1)ES7
    Affected: 10.5(1)ES7
    Affected: 11.6(1)ES8
    Affected: 11.5(1)ES1
    Affected: 11.6(1)ES1
    Affected: 11.5(1)ES5
    Affected: 11.0(1)ES1
    Affected: 10.5(1)
    Affected: 11.6(1)ES6
    Affected: 10.5(1)ES2
    Affected: 12.0(1)ES1
    Affected: 11.0(1)ES5
    Affected: 10.5(1)ES5
    Affected: 11.5(1)ES3
    Affected: 11.5(1)ES2
    Affected: 10.5(1)ES9
    Affected: 11.6(1)ES5
    Affected: 11.6(1)ES9
    Affected: 11.5(1)ES6
    Affected: 10.5(1)ES1
    Affected: 12.5(1)
    Affected: 12.0(1)ES3
    Affected: 11.6(1)ES10
    Affected: 12.5(1)ES1
    Affected: 12.5(1)ES2
    Affected: 12.0(1)ES4
    Affected: 12.5(1)ES3
    Affected: 12.0(1)ES5
    Affected: 12.5(1)ES4
    Affected: 12.0(1)ES6
    Affected: 12.5(1)ES5
    Affected: 12.5(1)ES6
    Affected: 12.0(1)ES7
    Affected: 12.6(1)
    Affected: 12.5(1)ES7
    Affected: 11.6(1)ES11
    Affected: 12.6(1)ES1
    Affected: 12.0(1)ES8
    Affected: 12.5(1)ES8
    Affected: 12.6(1)ES2
    Affected: 12.6(1)ES3
    Affected: 12.6(1)ES4
    Affected: 12.6(1)ES5
    Affected: 12.5(2)
    Affected: 12.5(1)_SU
    Affected: 12.5(1)SU
    Affected: 12.6(1)ES6
    Affected: 12.5(1)SU ES1
    Affected: 12.6(1)ES7
    Affected: 12.6(1)ES7_ET
    Affected: 12.6(2)
    Affected: 12.6(1)ES8
    Affected: 12.6(1)ES9
    Affected: 12.6(2)ES1
    Affected: 12.6(1)ES10
    Affected: 12.5(1)SU ES2
    Affected: 12.6(1)ES11
    Affected: 12.6(2)ES2
    Affected: 12.6(2)ES3
    Affected: 12.5(1)SU ES3
    Affected: 12.6(2)ES4
    Affected: 12.6(2)ES5
    Create a notification for this product.
    Cisco Cisco SocialMiner Affected: 12.5(1)ES01
    Affected: 10.5(1)
    Affected: 11.6(1)
    Affected: 10.6(1)
    Affected: 12.0(1)ES04
    Affected: 10.6(2)
    Affected: 12.5(1)
    Affected: 11.6(2)
    Affected: 12.0(1)
    Affected: 12.0(1)ES02
    Affected: 11.0(1)
    Affected: 11.5(1)
    Affected: 11.5(1)SU1
    Affected: 12.0(1)ES03
    Affected: 12.5(1)SU3
    Affected: 12.5(1)SU1
    Affected: 12.5(1)SU2
    Create a notification for this product.
    Cisco Cisco Unified Communications Manager Affected: 12.5(1)SU2
    Affected: 12.5(1)SU1
    Affected: 12.5(1)
    Affected: 12.5(1)SU3
    Affected: 12.5(1)SU4
    Affected: 14
    Affected: 12.5(1)SU5
    Affected: 14SU1
    Affected: 12.5(1)SU6
    Affected: 14SU2
    Affected: 12.5(1)SU7
    Affected: 12.5(1)SU7a
    Affected: 14SU3
    Affected: 12.5(1)SU8
    Affected: 12.5(1)SU8a
    Affected: 15
    Affected: 15SU1
    Affected: 14SU4
    Affected: 14SU4a
    Affected: 15SU1a
    Affected: 12.5(1)SU9
    Create a notification for this product.
    Cisco Cisco Unified Communications Manager IM and Presence Service Affected: 12.5(1)
    Affected: 12.5(1)SU1
    Affected: 12.5(1)SU2
    Affected: 12.5(1)SU3
    Affected: 12.5(1)SU4
    Affected: 14
    Affected: 12.5(1)SU5
    Affected: 14SU1
    Affected: 12.5(1)SU6
    Affected: 14SU2
    Affected: 14SU2a
    Affected: 12.5(1)SU7
    Affected: 14SU3
    Affected: 12.5(1)SU8
    Affected: 15
    Affected: Recovery ISO
    Affected: 15SU1
    Affected: 14SU4
    Affected: 12.5(1)SU9
    Create a notification for this product.
    Cisco Cisco Unified Contact Center Express Affected: 10.6(1)
    Affected: 10.5(1)SU1
    Affected: 10.6(1)SU3
    Affected: 12.0(1)
    Affected: 10.0(1)SU1
    Affected: 10.6(1)SU1
    Affected: 11.0(1)SU1
    Affected: 11.5(1)SU1
    Affected: 10.5(1)
    Affected: 11.6(1)
    Affected: 11.6(2)
    Affected: 12.5(1)
    Affected: 12.5(1)SU1
    Affected: 12.5(1)SU2
    Affected: 12.5(1)SU3
    Affected: 12.5(1)_SU03_ES01
    Affected: 12.5(1)_SU03_ES02
    Affected: 12.5(1)_SU02_ES03
    Affected: 12.5(1)_SU02_ES04
    Affected: 12.5(1)_SU02_ES02
    Affected: 12.5(1)_SU01_ES02
    Affected: 12.5(1)_SU01_ES03
    Affected: 12.5(1)_SU02_ES01
    Affected: 11.6(2)ES07
    Affected: 11.6(2)ES08
    Affected: 12.5(1)_SU01_ES01
    Affected: 12.0(1)ES04
    Affected: 12.5(1)ES02
    Affected: 12.5(1)ES03
    Affected: 11.6(2)ES06
    Affected: 12.5(1)ES01
    Affected: 12.0(1)ES03
    Affected: 12.0(1)ES01
    Affected: 11.6(2)ES05
    Affected: 12.0(1)ES02
    Affected: 11.6(2)ES04
    Affected: 11.6(2)ES03
    Affected: 11.6(2)ES02
    Affected: 11.6(2)ES01
    Affected: 10.6(1)SU3ES03
    Affected: 11.0(1)SU1ES03
    Affected: 10.6(1)SU3ES01
    Affected: 10.5(1)SU1ES10
    Affected: 10.0(1)SU1ES04
    Affected: 11.5(1)SU1ES03
    Affected: 11.6(1)ES02
    Affected: 11.5(1)ES01
    Affected: 9.0(2)SU3ES04
    Affected: 10.6(1)SU2
    Affected: 10.6(1)SU2ES04
    Affected: 11.6(1)ES01
    Affected: 10.6(1)SU3ES02
    Affected: 11.5(1)SU1ES02
    Affected: 11.5(1)SU1ES01
    Affected: 8.5(1)
    Affected: 11.0(1)SU1ES02
    Affected: 12.5(1)_SU03_ES03
    Affected: 12.5(1)_SU03_ES04
    Affected: 12.5(1)_SU03_ES05
    Affected: 12.5(1)_SU03_ES06
    Create a notification for this product.
    Cisco Cisco Unified Intelligence Center Affected: 11.6(1)
    Affected: 10.5(1)
    Affected: 11.0(1)
    Affected: 11.5(1)
    Affected: 12.0(1)
    Affected: 12.5(1)
    Affected: 11.0(2)
    Affected: 12.6(1)
    Affected: 12.5(1)SU
    Affected: 12.6(1)_ET
    Affected: 12.6(1)_ES05_ET
    Affected: 11.0(3)
    Affected: 12.6(2)
    Affected: 12.6(2)_504_Issue_ET
    Affected: 12.6.1_ExcelIssue_ET
    Affected: 12.6(2)_Permalink_ET
    Affected: 12.6.2_CSCwk19536_ET
    Affected: 12.6.2_CSCwm96922_ET
    Affected: 12.6.2_Amq_OOS_ET
    Affected: 12.5(2)ET_CSCwi79933
    Affected: 12.6(2)_ET
    Affected: 12.6.2_CSCwn48501_ET
    Create a notification for this product.
    Cisco Cisco Unity Connection Affected: 12.5(1)
    Affected: 12.5(1)SU1
    Affected: 12.5(1)SU2
    Affected: 12.5(1)SU3
    Affected: 12.5(1)SU4
    Affected: 14
    Affected: 12.5(1)SU5
    Affected: 14SU1
    Affected: 12.5(1)SU6
    Affected: 14SU2
    Affected: 12.5(1)SU7
    Affected: 14SU3
    Affected: 12.5(1)SU8
    Affected: 14SU3a
    Affected: 12.5(1)SU8a
    Affected: 15
    Affected: 15SU1
    Affected: 14SU4
    Affected: 12.5(1)SU9
    Create a notification for this product.
    Cisco Cisco Virtualized Voice Browser Affected: 11.0(1)
    Affected: 11.6(1)_ES84
    Affected: 11.5(1)_ES54
    Affected: 11.5(1)_ES27
    Affected: 11.5(1)
    Affected: 11.5(1)ES36
    Affected: 12.0(1)_ES01
    Affected: 11.6(1)_ES85
    Affected: 12.5(1)_ES05
    Affected: 11.5(1)_ES32
    Affected: 11.6(1)_ES83
    Affected: 11.5(1)_ES29
    Affected: 12.0(1)_ES06
    Affected: 12.5(1)
    Affected: 12.0(1)_ES07
    Affected: 11.6(1)_ES80
    Affected: 12.0(1)_ES05
    Affected: 11.5(1)_ES36
    Affected: 11.5(1)_ES53
    Affected: 12.5(1)_ES08
    Affected: 11.5(1)ES43
    Affected: 12.0(1)_ES03
    Affected: 11.6(1)_ES86
    Affected: 12.0(1)_ES04
    Affected: 11.5(1)ES27
    Affected: 12.5(1)_ES03
    Affected: 11.6(1)_ES88
    Affected: 12.5(1)_ES06
    Affected: 11.6(1)_ES82
    Affected: 11.6(1)
    Affected: 11.5(1)ES29
    Affected: 12.5(1)_ES04
    Affected: 12.5(1)_ES07
    Affected: 11.6(1)_ES87
    Affected: 11.6(1)_ES81
    Affected: 12.0(1)
    Affected: 11.6(1)_ES22
    Affected: 11.5(1)_ES43
    Affected: 11.5(1)ES32
    Affected: 12.0(1)_ES02
    Affected: 12.5(1)_ES02
    Affected: 12.6(1)
    Affected: 12.5(1)_ES09
    Affected: 12.6(1)_ES01
    Affected: 12.0(1)_ES08
    Affected: 12.5(1)_ES10
    Affected: 12.6(1)_ES02
    Affected: 12.5(1)_ES11
    Affected: 12.5(1)_ES12
    Affected: 12.6(1)_ES03
    Affected: 12.5(1)_ES13
    Affected: 12.5(1)_ES14
    Affected: 12.6(1)_ES04
    Affected: 12.6(1)_ES05
    Affected: 12.5(1)_ES15
    Affected: 12.6(1)_ES06
    Affected: 12.6(1)_ET
    Affected: 12.5(1)_ES16
    Affected: 12.5(1)SU
    Affected: 12.5(1)_SU
    Affected: 12.5(1)_SU_ES01
    Affected: 12.6(1)_ES07
    Affected: 12.6(2)
    Affected: 12.5(1)_ES17
    Affected: 12.6(1)_ES08
    Affected: 12.6(1)_ES09
    Affected: 12.6(1)_ES10
    Affected: 12.5(1)_SU_ES02
    Affected: 12.6(2)_ES01
    Affected: 12.6(2)_ET01
    Affected: 12.5(2)_ET
    Affected: 12.6(2)_ES02
    Affected: 12.6(2)_ET_Streaming
    Affected: 12.6(2)ET_Transcribe
    Affected: 12.6(2)_ES03
    Affected: 12.6(2)ET_NuanceMix
    Affected: 12.6(2)ET_FileUpload
    Affected: 12.6(2)_ET02
    Affected: 12.6(2)_ES04
    Affected: 12.6.2ET_RTPfallback
    Affected: 12.6.2ET_CSCwf55306
    Affected: 12.6.2_ET_CSCwj36712
    Affected: 12.5.2 ET-CSCwj33374
    Affected: 12.5(1) SU ET
    Affected: 12.6(2)ET_CSCwj87296
    Affected: 12.6(2)_ES05
    Affected: 12.5.2_ET_CSCvz27014
    Affected: 12.6(2)_ET
    Affected: 12.6.2-ET
    Affected: 12.6(2)ET_CSCwk83135
    Affected: 12.6.2_ET_CX_ALAW
    Affected: 12.6.2-ET01-SSL
    Affected: 12.6(2)_ES06
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20278",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-06T03:55:33.465322Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:51:08.371Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Finesse",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0(1)ES_Rollback"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)FIPS"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES7"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES8"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES10"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES7"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES7"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES8"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES9"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES9"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES10"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES7"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES7"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES11"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES8"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES8"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "12.5(2)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU ES1"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES7"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES7_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES8"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES9"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES1"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES10"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU ES2"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES11"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES2"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU ES3"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES4"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES5"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco SocialMiner",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.5(1)ES01"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)"
                },
                {
                  "status": "affected",
                  "version": "10.6(1)"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES04"
                },
                {
                  "status": "affected",
                  "version": "10.6(2)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES02"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES03"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU2"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Unified Communications Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.5(1)SU2"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU4"
                },
                {
                  "status": "affected",
                  "version": "14"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU5"
                },
                {
                  "status": "affected",
                  "version": "14SU1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU6"
                },
                {
                  "status": "affected",
                  "version": "14SU2"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU7"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU7a"
                },
                {
                  "status": "affected",
                  "version": "14SU3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU8"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU8a"
                },
                {
                  "status": "affected",
                  "version": "15"
                },
                {
                  "status": "affected",
                  "version": "15SU1"
                },
                {
                  "status": "affected",
                  "version": "14SU4"
                },
                {
                  "status": "affected",
                  "version": "14SU4a"
                },
                {
                  "status": "affected",
                  "version": "15SU1a"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU9"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Unified Communications Manager IM and Presence Service",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU2"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU4"
                },
                {
                  "status": "affected",
                  "version": "14"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU5"
                },
                {
                  "status": "affected",
                  "version": "14SU1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU6"
                },
                {
                  "status": "affected",
                  "version": "14SU2"
                },
                {
                  "status": "affected",
                  "version": "14SU2a"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU7"
                },
                {
                  "status": "affected",
                  "version": "14SU3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU8"
                },
                {
                  "status": "affected",
                  "version": "15"
                },
                {
                  "status": "affected",
                  "version": "Recovery ISO"
                },
                {
                  "status": "affected",
                  "version": "15SU1"
                },
                {
                  "status": "affected",
                  "version": "14SU4"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU9"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Unified Contact Center Express",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "10.6(1)"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "10.6(1)SU3"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)"
                },
                {
                  "status": "affected",
                  "version": "10.0(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "10.6(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU2"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU03_ES01"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU03_ES02"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU02_ES03"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU02_ES04"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU02_ES02"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU01_ES02"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU01_ES03"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU02_ES01"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)ES07"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)ES08"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU01_ES01"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES04"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES02"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES03"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)ES06"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES01"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES03"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES01"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)ES05"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES02"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)ES04"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)ES03"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)ES02"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)ES01"
                },
                {
                  "status": "affected",
                  "version": "10.6(1)SU3ES03"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)SU1ES03"
                },
                {
                  "status": "affected",
                  "version": "10.6(1)SU3ES01"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)SU1ES10"
                },
                {
                  "status": "affected",
                  "version": "10.0(1)SU1ES04"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)SU1ES03"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES02"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES01"
                },
                {
                  "status": "affected",
                  "version": "9.0(2)SU3ES04"
                },
                {
                  "status": "affected",
                  "version": "10.6(1)SU2"
                },
                {
                  "status": "affected",
                  "version": "10.6(1)SU2ES04"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES01"
                },
                {
                  "status": "affected",
                  "version": "10.6(1)SU3ES02"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)SU1ES02"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)SU1ES01"
                },
                {
                  "status": "affected",
                  "version": "8.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)SU1ES02"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU03_ES03"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU03_ES04"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU03_ES05"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU03_ES06"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Unified Intelligence Center",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.6(1)"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.0(2)"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES05_ET"
                },
                {
                  "status": "affected",
                  "version": "11.0(3)"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_504_Issue_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6.1_ExcelIssue_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_Permalink_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6.2_CSCwk19536_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6.2_CSCwm96922_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6.2_Amq_OOS_ET"
                },
                {
                  "status": "affected",
                  "version": "12.5(2)ET_CSCwi79933"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6.2_CSCwn48501_ET"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Unity Connection",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU2"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU4"
                },
                {
                  "status": "affected",
                  "version": "14"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU5"
                },
                {
                  "status": "affected",
                  "version": "14SU1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU6"
                },
                {
                  "status": "affected",
                  "version": "14SU2"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU7"
                },
                {
                  "status": "affected",
                  "version": "14SU3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU8"
                },
                {
                  "status": "affected",
                  "version": "14SU3a"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU8a"
                },
                {
                  "status": "affected",
                  "version": "15"
                },
                {
                  "status": "affected",
                  "version": "15SU1"
                },
                {
                  "status": "affected",
                  "version": "14SU4"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU9"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Virtualized Voice Browser",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES84"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)_ES54"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)_ES27"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES36"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)_ES01"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES85"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES05"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)_ES32"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES83"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)_ES29"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)_ES06"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)_ES07"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES80"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)_ES05"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)_ES36"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)_ES53"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES08"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES43"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)_ES03"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES86"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)_ES04"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES27"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES03"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES88"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES06"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES82"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES29"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES04"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES07"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES87"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES81"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES22"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)_ES43"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES32"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)_ES02"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES02"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES09"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES01"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)_ES08"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES10"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES02"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES11"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES12"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES03"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES13"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES14"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES04"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES05"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES15"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES06"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ET"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES16"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU_ES01"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES07"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES17"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES08"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES09"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES10"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU_ES02"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ES01"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ET01"
                },
                {
                  "status": "affected",
                  "version": "12.5(2)_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ES02"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ET_Streaming"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ET_Transcribe"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ES03"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ET_NuanceMix"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ET_FileUpload"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ET02"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ES04"
                },
                {
                  "status": "affected",
                  "version": "12.6.2ET_RTPfallback"
                },
                {
                  "status": "affected",
                  "version": "12.6.2ET_CSCwf55306"
                },
                {
                  "status": "affected",
                  "version": "12.6.2_ET_CSCwj36712"
                },
                {
                  "status": "affected",
                  "version": "12.5.2 ET-CSCwj33374"
                },
                {
                  "status": "affected",
                  "version": "12.5(1) SU ET"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ET_CSCwj87296"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ES05"
                },
                {
                  "status": "affected",
                  "version": "12.5.2_ET_CSCvz27014"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6.2-ET"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ET_CSCwk83135"
                },
                {
                  "status": "affected",
                  "version": "12.6.2_ET_CX_ALAW"
                },
                {
                  "status": "affected",
                  "version": "12.6.2-ET01-SSL"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ES06"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the CLI of multiple Cisco Unified Communications products could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user.\r\n\r\nThis vulnerability is due to improper validation of user-supplied command arguments. An attacker could exploit this vulnerability by executing crafted commands on the CLI of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user. To exploit this vulnerability, the attacker must have valid administrative credentials."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-04T16:18:20.661Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-vos-command-inject-65s2UCYy",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vos-command-inject-65s2UCYy"
            }
          ],
          "source": {
            "advisory": "cisco-sa-vos-command-inject-65s2UCYy",
            "defects": [
              "CSCwk24029"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Unified Communications Products Command Injection Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20278",
        "datePublished": "2025-06-04T16:18:20.661Z",
        "dateReserved": "2024-10-10T19:15:13.246Z",
        "dateUpdated": "2026-02-26T17:51:08.371Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-20112 (GCVE-0-2025-20112)

    Vulnerability from cvelistv5 – Published: 2025-05-21 16:19 – Updated: 2026-02-26 18:28
    VLAI
    Title
    Cisco Unified Communications Products Privilege Escalation Vulnerability
    Summary
    A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to excessive permissions that have been assigned to system commands.&nbsp;An attacker could exploit this vulnerability by executing crafted commands on the underlying operating system. A successful exploit could allow the attacker to escape the restricted shell and gain root privileges on the underlying operating system of an affected device. To successfully exploit this vulnerability, an attacker would need administrative access to the ESXi hypervisor.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Cisco Cisco Emergency Responder Affected: 12.5(1a)
    Affected: 12.5(1)SU1
    Affected: 12.5(1)
    Affected: 12.5(1)SU2
    Affected: 12.5(1)SU3
    Affected: 12.5(1)SU4
    Affected: 14
    Affected: 12.5(1)SU5
    Affected: 14SU1
    Affected: 12.5(1)SU6
    Affected: 14SU2
    Affected: 12.5(1)SU7
    Affected: 14SU3
    Affected: 12.5(1)SU8
    Affected: 12.5(1)SU8a
    Affected: 12.5(1)SU8b
    Affected: 14SU3a
    Affected: 15
    Affected: 15SU1
    Affected: 15SU1a
    Affected: 14SU4
    Affected: 12.5(1)SU9
    Create a notification for this product.
    Cisco Cisco Finesse Affected: 11.0(1)ES_Rollback
    Affected: 10.5(1)ES4
    Affected: 11.6(1)ES3
    Affected: 11.0(1)ES2
    Affected: 12.0(1)ES2
    Affected: 10.5(1)ES3
    Affected: 11.0(1)
    Affected: 11.6(1)FIPS
    Affected: 11.6(1)ES4
    Affected: 11.0(1)ES3
    Affected: 10.5(1)ES6
    Affected: 11.0(1)ES7
    Affected: 11.5(1)ES4
    Affected: 10.5(1)ES8
    Affected: 11.5(1)
    Affected: 11.6(1)
    Affected: 10.5(1)ES10
    Affected: 11.6(1)ES2
    Affected: 11.6(1)ES
    Affected: 11.0(1)ES6
    Affected: 11.0(1)ES4
    Affected: 12.0(1)
    Affected: 11.6(1)ES7
    Affected: 10.5(1)ES7
    Affected: 11.6(1)ES8
    Affected: 11.5(1)ES1
    Affected: 11.6(1)ES1
    Affected: 11.5(1)ES5
    Affected: 11.0(1)ES1
    Affected: 10.5(1)
    Affected: 11.6(1)ES6
    Affected: 10.5(1)ES2
    Affected: 12.0(1)ES1
    Affected: 11.0(1)ES5
    Affected: 10.5(1)ES5
    Affected: 11.5(1)ES3
    Affected: 11.5(1)ES2
    Affected: 10.5(1)ES9
    Affected: 11.6(1)ES5
    Affected: 11.6(1)ES9
    Affected: 11.5(1)ES6
    Affected: 10.5(1)ES1
    Affected: 12.5(1)
    Affected: 12.0(1)ES3
    Affected: 11.6(1)ES10
    Affected: 12.5(1)ES1
    Affected: 12.5(1)ES2
    Affected: 12.0(1)ES4
    Affected: 12.5(1)ES3
    Affected: 12.0(1)ES5
    Affected: 12.5(1)ES4
    Affected: 12.0(1)ES6
    Affected: 12.5(1)ES5
    Affected: 12.5(1)ES6
    Affected: 12.0(1)ES7
    Affected: 12.6(1)
    Affected: 12.5(1)ES7
    Affected: 11.6(1)ES11
    Affected: 12.6(1)ES1
    Affected: 12.0(1)ES8
    Affected: 12.5(1)ES8
    Affected: 12.6(1)ES2
    Affected: 12.6(1)ES3
    Affected: 12.6(1)ES4
    Affected: 12.6(1)ES5
    Affected: 12.5(2)
    Affected: 12.5(1)_SU
    Affected: 12.5(1)SU
    Affected: 12.6(1)ES6
    Affected: 12.5(1)SU ES1
    Affected: 12.6(1)ES7
    Affected: 12.6(1)ES7_ET
    Affected: 12.6(2)
    Affected: 12.6(1)ES8
    Affected: 12.6(1)ES9
    Affected: 12.6(2)ES1
    Affected: 12.6(1)ES10
    Affected: 12.5(1)SU ES2
    Affected: 12.6(1)ES11
    Affected: 12.6(2)ES2
    Affected: 12.6(2)ES3
    Affected: 12.5(1)SU ES3
    Affected: 12.6(2)ES4
    Affected: 12.6(2)ES6
    Create a notification for this product.
    Cisco Cisco Prime Collaboration Deployment Affected: 11.5(1)
    Affected: 11.0(1a)
    Affected: 11.5(1)SU1
    Affected: 10.5(3)
    Affected: 12.6(1)
    Affected: 11.0(1)
    Affected: 11.6(2)
    Affected: 12.1(1)
    Affected: 12.0(1a)
    Affected: 11.5(3)
    Affected: 10.5(1)
    Affected: 12.5(1)
    Affected: 11.5(2)
    Affected: 11.6(1)
    Affected: 10.5(2)
    Affected: 10.5(3)SU1
    Affected: 14
    Affected: 14SU1
    Affected: 14SU2
    Affected: 14SU3
    Affected: 15
    Affected: 15SU1
    Affected: 14SU4
    Create a notification for this product.
    Cisco Cisco SocialMiner Affected: 12.5(1)ES01
    Affected: 10.5(1)
    Affected: 11.6(1)
    Affected: 10.6(1)
    Affected: 12.0(1)ES04
    Affected: 10.6(2)
    Affected: 12.5(1)
    Affected: 11.6(2)
    Affected: 12.0(1)
    Affected: 12.0(1)ES02
    Affected: 11.0(1)
    Affected: 11.5(1)
    Affected: 11.5(1)SU1
    Affected: 12.0(1)ES03
    Affected: 12.5(1)SU3
    Affected: 12.5(1)SU1
    Affected: 12.5(1)SU2
    Create a notification for this product.
    Cisco Cisco Unified Communications Manager Affected: 12.5(1)SU2
    Affected: 12.5(1)SU1
    Affected: 12.5(1)
    Affected: 12.5(1)SU3
    Affected: 12.5(1)SU4
    Affected: 14
    Affected: 12.5(1)SU5
    Affected: 14SU1
    Affected: 12.5(1)SU6
    Affected: 14SU2
    Affected: 12.5(1)SU7
    Affected: 12.5(1)SU7a
    Affected: 14SU3
    Affected: 12.5(1)SU8
    Affected: 12.5(1)SU8a
    Affected: 15
    Affected: 15SU1
    Affected: 14SU4
    Affected: 14SU4a
    Affected: 15SU1a
    Affected: 12.5(1)SU9
    Create a notification for this product.
    Cisco Cisco Unified Communications Manager IM and Presence Service Affected: 12.5(1)
    Affected: 12.5(1)SU1
    Affected: 12.5(1)SU2
    Affected: 12.5(1)SU3
    Affected: 12.5(1)SU4
    Affected: 14
    Affected: 12.5(1)SU5
    Affected: 14SU1
    Affected: 12.5(1)SU6
    Affected: 14SU2
    Affected: 14SU2a
    Affected: 12.5(1)SU7
    Affected: 14SU3
    Affected: 12.5(1)SU8
    Affected: 15
    Affected: 15SU1
    Affected: 14SU4
    Affected: 12.5(1)SU9
    Create a notification for this product.
    Cisco Cisco Unified Contact Center Express Affected: 10.5(1)SU1
    Affected: 10.6(1)
    Affected: 11.6(1)
    Affected: 10.6(1)SU1
    Affected: 10.6(1)SU3
    Affected: 11.6(2)
    Affected: 12.0(1)
    Affected: 10.0(1)SU1
    Affected: 11.0(1)SU1
    Affected: 11.5(1)SU1
    Affected: 10.5(1)
    Affected: 12.5(1)
    Affected: 12.5(1)SU1
    Affected: 12.5(1)SU2
    Affected: 12.5(1)SU3
    Affected: 12.5(1)_SU03_ES01
    Affected: 12.5(1)_SU03_ES02
    Affected: 12.5(1)_SU02_ES03
    Affected: 12.5(1)_SU02_ES04
    Affected: 12.5(1)_SU02_ES02
    Affected: 12.5(1)_SU01_ES02
    Affected: 12.5(1)_SU01_ES03
    Affected: 12.5(1)_SU02_ES01
    Affected: 11.6(2)ES07
    Affected: 11.6(2)ES08
    Affected: 12.5(1)_SU01_ES01
    Affected: 12.0(1)ES04
    Affected: 12.5(1)ES02
    Affected: 12.5(1)ES03
    Affected: 11.6(2)ES06
    Affected: 12.5(1)ES01
    Affected: 12.0(1)ES03
    Affected: 12.0(1)ES01
    Affected: 11.6(2)ES05
    Affected: 12.0(1)ES02
    Affected: 11.6(2)ES04
    Affected: 11.6(2)ES03
    Affected: 11.6(2)ES02
    Affected: 11.6(2)ES01
    Affected: 10.6(1)SU3ES03
    Affected: 11.0(1)SU1ES03
    Affected: 10.6(1)SU3ES01
    Affected: 10.5(1)SU1ES10
    Affected: 10.0(1)SU1ES04
    Affected: 11.5(1)SU1ES03
    Affected: 11.6(1)ES02
    Affected: 11.5(1)ES01
    Affected: 9.0(2)SU3ES04
    Affected: 10.6(1)SU2
    Affected: 10.6(1)SU2ES04
    Affected: 11.6(1)ES01
    Affected: 10.6(1)SU3ES02
    Affected: 11.5(1)SU1ES02
    Affected: 11.5(1)SU1ES01
    Affected: 8.5(1)SU4ES09
    Affected: 8.5(1)
    Affected: 11.0(1)SU1ES02
    Affected: 12.5(1)_SU03_ES03
    Affected: 12.5(1)_SU03_ES04
    Affected: 12.5(1)_SU03_ES05
    Affected: 12.5(1)_SU03_ES06
    Create a notification for this product.
    Cisco Cisco Unified Intelligence Center Affected: 11.6(1)
    Affected: 10.5(1)
    Affected: 11.0(1)
    Affected: 11.5(1)
    Affected: 12.0(1)
    Affected: 12.5(1)
    Affected: 11.0(2)
    Affected: 12.6(1)
    Affected: 12.5(1)SU
    Affected: 12.6(1)_ET
    Affected: 12.6(1)_ES05_ET
    Affected: 11.0(3)
    Affected: 12.6(2)
    Affected: 12.6(2)_504_Issue_ET
    Affected: 12.6.1_ExcelIssue_ET
    Affected: 12.6(2)_Permalink_ET
    Affected: 12.6.2_CSCwk19536_ET
    Affected: 12.6.2_CSCwm96922_ET
    Affected: 12.6.2_Amq_OOS_ET
    Affected: 12.5(2)ET_CSCwi79933
    Affected: 12.6(2)_ET
    Affected: 12.6.2_CSCwn48501_ET
    Create a notification for this product.
    Cisco Cisco Unity Connection Affected: 12.5(1)
    Affected: 12.5(1)SU1
    Affected: 12.5(1)SU2
    Affected: 12.5(1)SU3
    Affected: 12.5(1)SU4
    Affected: 14
    Affected: 12.5(1)SU5
    Affected: 14SU1
    Affected: 12.5(1)SU6
    Affected: 14SU2
    Affected: 12.5(1)SU7
    Affected: 14SU3
    Affected: 12.5(1)SU8
    Affected: 14SU3a
    Affected: 12.5(1)SU8a
    Affected: 15
    Affected: 15SU1
    Affected: 14SU4
    Affected: 12.5(1)SU9
    Create a notification for this product.
    Cisco Cisco Virtualized Voice Browser Affected: 11.0(1)
    Affected: 11.6(1)_ES84
    Affected: 11.5(1)_ES54
    Affected: 11.5(1)_ES27
    Affected: 11.5(1)
    Affected: 11.5(1)ES36
    Affected: 12.0(1)_ES01
    Affected: 11.6(1)_ES85
    Affected: 12.5(1)_ES05
    Affected: 11.5(1)_ES32
    Affected: 11.6(1)_ES83
    Affected: 11.5(1)_ES29
    Affected: 12.0(1)_ES06
    Affected: 12.5(1)
    Affected: 12.0(1)_ES07
    Affected: 11.6(1)_ES80
    Affected: 12.0(1)_ES05
    Affected: 11.5(1)_ES36
    Affected: 11.5(1)_ES53
    Affected: 12.5(1)_ES08
    Affected: 11.5(1)ES43
    Affected: 12.0(1)_ES03
    Affected: 11.6(1)_ES86
    Affected: 12.0(1)_ES04
    Affected: 11.5(1)ES27
    Affected: 12.5(1)_ES03
    Affected: 11.6(1)_ES88
    Affected: 12.5(1)_ES06
    Affected: 11.6(1)_ES82
    Affected: 11.6(1)
    Affected: 11.5(1)ES29
    Affected: 12.5(1)_ES04
    Affected: 12.5(1)_ES07
    Affected: 11.6(1)_ES87
    Affected: 11.6(1)_ES81
    Affected: 12.0(1)
    Affected: 11.6(1)_ES22
    Affected: 11.5(1)_ES43
    Affected: 11.5(1)ES32
    Affected: 12.0(1)_ES02
    Affected: 12.5(1)_ES02
    Affected: 12.6(1)
    Affected: 12.5(1)_ES09
    Affected: 12.6(1)_ES01
    Affected: 12.0(1)_ES08
    Affected: 12.5(1)_ES10
    Affected: 12.6(1)_ES02
    Affected: 12.5(1)_ES11
    Affected: 12.5(1)_ES12
    Affected: 12.6(1)_ES03
    Affected: 12.5(1)_ES13
    Affected: 12.5(1)_ES14
    Affected: 12.6(1)_ES04
    Affected: 12.6(1)_ES05
    Affected: 12.5(1)_ES15
    Affected: 12.6(1)_ES06
    Affected: 12.6(1)_ET
    Affected: 12.5(1)_ES16
    Affected: 12.5(1)SU
    Affected: 12.5(1)_SU
    Affected: 12.5(1)_SU_ES01
    Affected: 12.6(1)_ES07
    Affected: 12.6(2)
    Affected: 12.5(1)_ES17
    Affected: 12.6(1)_ES08
    Affected: 12.6(1)_ES09
    Affected: 12.6(1)_ES10
    Affected: 12.5(1)_SU_ES02
    Affected: 12.6(2)_ES01
    Affected: 12.6(2)_ET01
    Affected: 12.5(2)_ET
    Affected: 12.6(2)_ES02
    Affected: 12.6(2)_ET_Streaming
    Affected: 12.6(2)ET_Transcribe
    Affected: 12.6(2)_ES03
    Affected: 12.6(2)ET_NuanceMix
    Affected: 12.6(2)ET_FileUpload
    Affected: 12.6(2)_ET02
    Affected: 12.6(2)_ES04
    Affected: 12.6.2ET_RTPfallback
    Affected: 12.6.2ET_CSCwf55306
    Affected: 12.6.2_ET_CSCwj36712
    Affected: 12.5.2 ET-CSCwj33374
    Affected: 12.5(1) SU ET
    Affected: 12.6(2)ET_CSCwj87296
    Affected: 12.6(2)_ES05
    Affected: 12.5.2_ET_CSCvz27014
    Affected: 12.6(2)_ET
    Affected: 12.6.2-ET
    Affected: 12.6(2)ET_CSCwk83135
    Affected: 12.6.2_ET_CX_ALAW
    Affected: 12.6.2-ET01-SSL
    Affected: 12.6(2)_ES06
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-20112",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-22T03:55:23.838603Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T18:28:03.732Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unknown",
              "product": "Cisco Emergency Responder",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.5(1a)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU2"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU4"
                },
                {
                  "status": "affected",
                  "version": "14"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU5"
                },
                {
                  "status": "affected",
                  "version": "14SU1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU6"
                },
                {
                  "status": "affected",
                  "version": "14SU2"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU7"
                },
                {
                  "status": "affected",
                  "version": "14SU3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU8"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU8a"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU8b"
                },
                {
                  "status": "affected",
                  "version": "14SU3a"
                },
                {
                  "status": "affected",
                  "version": "15"
                },
                {
                  "status": "affected",
                  "version": "15SU1"
                },
                {
                  "status": "affected",
                  "version": "15SU1a"
                },
                {
                  "status": "affected",
                  "version": "14SU4"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU9"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Finesse",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0(1)ES_Rollback"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)FIPS"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES7"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES8"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES10"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES7"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES7"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES8"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES9"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES9"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES10"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES7"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES7"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES11"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES1"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES8"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES8"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES2"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES3"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES4"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES5"
                },
                {
                  "status": "affected",
                  "version": "12.5(2)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES6"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU ES1"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES7"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES7_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES8"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES9"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES1"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES10"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU ES2"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)ES11"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES2"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU ES3"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES4"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES6"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Prime Collaboration Deployment",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.0(1a)"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "10.5(3)"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)"
                },
                {
                  "status": "affected",
                  "version": "12.1(1)"
                },
                {
                  "status": "affected",
                  "version": "12.0(1a)"
                },
                {
                  "status": "affected",
                  "version": "11.5(3)"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.5(2)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)"
                },
                {
                  "status": "affected",
                  "version": "10.5(2)"
                },
                {
                  "status": "affected",
                  "version": "10.5(3)SU1"
                },
                {
                  "status": "affected",
                  "version": "14"
                },
                {
                  "status": "affected",
                  "version": "14SU1"
                },
                {
                  "status": "affected",
                  "version": "14SU2"
                },
                {
                  "status": "affected",
                  "version": "14SU3"
                },
                {
                  "status": "affected",
                  "version": "15"
                },
                {
                  "status": "affected",
                  "version": "15SU1"
                },
                {
                  "status": "affected",
                  "version": "14SU4"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco SocialMiner",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.5(1)ES01"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)"
                },
                {
                  "status": "affected",
                  "version": "10.6(1)"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES04"
                },
                {
                  "status": "affected",
                  "version": "10.6(2)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES02"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES03"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU2"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Unified Communications Manager",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.5(1)SU2"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU4"
                },
                {
                  "status": "affected",
                  "version": "14"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU5"
                },
                {
                  "status": "affected",
                  "version": "14SU1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU6"
                },
                {
                  "status": "affected",
                  "version": "14SU2"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU7"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU7a"
                },
                {
                  "status": "affected",
                  "version": "14SU3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU8"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU8a"
                },
                {
                  "status": "affected",
                  "version": "15"
                },
                {
                  "status": "affected",
                  "version": "15SU1"
                },
                {
                  "status": "affected",
                  "version": "14SU4"
                },
                {
                  "status": "affected",
                  "version": "14SU4a"
                },
                {
                  "status": "affected",
                  "version": "15SU1a"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU9"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Unified Communications Manager IM and Presence Service",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU2"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU4"
                },
                {
                  "status": "affected",
                  "version": "14"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU5"
                },
                {
                  "status": "affected",
                  "version": "14SU1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU6"
                },
                {
                  "status": "affected",
                  "version": "14SU2"
                },
                {
                  "status": "affected",
                  "version": "14SU2a"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU7"
                },
                {
                  "status": "affected",
                  "version": "14SU3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU8"
                },
                {
                  "status": "affected",
                  "version": "15"
                },
                {
                  "status": "affected",
                  "version": "15SU1"
                },
                {
                  "status": "affected",
                  "version": "14SU4"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU9"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Unified Contact Center Express",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "10.5(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "10.6(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)"
                },
                {
                  "status": "affected",
                  "version": "10.6(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "10.6(1)SU3"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)"
                },
                {
                  "status": "affected",
                  "version": "10.0(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU2"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU03_ES01"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU03_ES02"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU02_ES03"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU02_ES04"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU02_ES02"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU01_ES02"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU01_ES03"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU02_ES01"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)ES07"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)ES08"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU01_ES01"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES04"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES02"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES03"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)ES06"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)ES01"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES03"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES01"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)ES05"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)ES02"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)ES04"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)ES03"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)ES02"
                },
                {
                  "status": "affected",
                  "version": "11.6(2)ES01"
                },
                {
                  "status": "affected",
                  "version": "10.6(1)SU3ES03"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)SU1ES03"
                },
                {
                  "status": "affected",
                  "version": "10.6(1)SU3ES01"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)SU1ES10"
                },
                {
                  "status": "affected",
                  "version": "10.0(1)SU1ES04"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)SU1ES03"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES02"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES01"
                },
                {
                  "status": "affected",
                  "version": "9.0(2)SU3ES04"
                },
                {
                  "status": "affected",
                  "version": "10.6(1)SU2"
                },
                {
                  "status": "affected",
                  "version": "10.6(1)SU2ES04"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)ES01"
                },
                {
                  "status": "affected",
                  "version": "10.6(1)SU3ES02"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)SU1ES02"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)SU1ES01"
                },
                {
                  "status": "affected",
                  "version": "8.5(1)SU4ES09"
                },
                {
                  "status": "affected",
                  "version": "8.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)SU1ES02"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU03_ES03"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU03_ES04"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU03_ES05"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU03_ES06"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Unified Intelligence Center",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.6(1)"
                },
                {
                  "status": "affected",
                  "version": "10.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.0(1)"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.0(2)"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES05_ET"
                },
                {
                  "status": "affected",
                  "version": "11.0(3)"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_504_Issue_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6.1_ExcelIssue_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_Permalink_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6.2_CSCwk19536_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6.2_CSCwm96922_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6.2_Amq_OOS_ET"
                },
                {
                  "status": "affected",
                  "version": "12.5(2)ET_CSCwi79933"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6.2_CSCwn48501_ET"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Unity Connection",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU2"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU4"
                },
                {
                  "status": "affected",
                  "version": "14"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU5"
                },
                {
                  "status": "affected",
                  "version": "14SU1"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU6"
                },
                {
                  "status": "affected",
                  "version": "14SU2"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU7"
                },
                {
                  "status": "affected",
                  "version": "14SU3"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU8"
                },
                {
                  "status": "affected",
                  "version": "14SU3a"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU8a"
                },
                {
                  "status": "affected",
                  "version": "15"
                },
                {
                  "status": "affected",
                  "version": "15SU1"
                },
                {
                  "status": "affected",
                  "version": "14SU4"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU9"
                }
              ]
            },
            {
              "defaultStatus": "unknown",
              "product": "Cisco Virtualized Voice Browser",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "11.0(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES84"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)_ES54"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)_ES27"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES36"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)_ES01"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES85"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES05"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)_ES32"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES83"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)_ES29"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)_ES06"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)_ES07"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES80"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)_ES05"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)_ES36"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)_ES53"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES08"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES43"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)_ES03"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES86"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)_ES04"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES27"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES03"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES88"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES06"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES82"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES29"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES04"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES07"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES87"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES81"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)"
                },
                {
                  "status": "affected",
                  "version": "11.6(1)_ES22"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)_ES43"
                },
                {
                  "status": "affected",
                  "version": "11.5(1)ES32"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)_ES02"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES02"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES09"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES01"
                },
                {
                  "status": "affected",
                  "version": "12.0(1)_ES08"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES10"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES02"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES11"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES12"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES03"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES13"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES14"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES04"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES05"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES15"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES06"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ET"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES16"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)SU"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU_ES01"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES07"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_ES17"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES08"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES09"
                },
                {
                  "status": "affected",
                  "version": "12.6(1)_ES10"
                },
                {
                  "status": "affected",
                  "version": "12.5(1)_SU_ES02"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ES01"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ET01"
                },
                {
                  "status": "affected",
                  "version": "12.5(2)_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ES02"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ET_Streaming"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ET_Transcribe"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ES03"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ET_NuanceMix"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ET_FileUpload"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ET02"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ES04"
                },
                {
                  "status": "affected",
                  "version": "12.6.2ET_RTPfallback"
                },
                {
                  "status": "affected",
                  "version": "12.6.2ET_CSCwf55306"
                },
                {
                  "status": "affected",
                  "version": "12.6.2_ET_CSCwj36712"
                },
                {
                  "status": "affected",
                  "version": "12.5.2 ET-CSCwj33374"
                },
                {
                  "status": "affected",
                  "version": "12.5(1) SU ET"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ET_CSCwj87296"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ES05"
                },
                {
                  "status": "affected",
                  "version": "12.5.2_ET_CSCvz27014"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ET"
                },
                {
                  "status": "affected",
                  "version": "12.6.2-ET"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ET_CSCwk83135"
                },
                {
                  "status": "affected",
                  "version": "12.6.2_ET_CX_ALAW"
                },
                {
                  "status": "affected",
                  "version": "12.6.2-ET01-SSL"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)_ES06"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an authenticated, local attacker to elevate privileges to root on an affected device.\r\n\r\nThis vulnerability is due to excessive permissions that have been assigned to system commands.\u0026nbsp;An attacker could exploit this vulnerability by executing crafted commands on the underlying operating system. A successful exploit could allow the attacker to escape the restricted shell and gain root privileges on the underlying operating system of an affected device. To successfully exploit this vulnerability, an attacker would need administrative access to the ESXi hypervisor."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-268",
                  "description": "Privilege Chaining",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-21T16:19:24.562Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-cucm-kkhZbHR5",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-kkhZbHR5"
            }
          ],
          "source": {
            "advisory": "cisco-sa-cucm-kkhZbHR5",
            "defects": [
              "CSCwi52980"
            ],
            "discovery": "EXTERNAL"
          },
          "title": "Cisco Unified Communications Products Privilege Escalation Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2025-20112",
        "datePublished": "2025-05-21T16:19:24.562Z",
        "dateReserved": "2024-10-10T19:15:13.210Z",
        "dateUpdated": "2026-02-26T18:28:03.732Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-20405 (GCVE-0-2024-20405)

    Vulnerability from cvelistv5 – Published: 2024-06-05 16:15 – Updated: 2024-08-01 21:59
    VLAI
    Summary
    A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a stored XSS attack by exploiting an RFI vulnerability. This vulnerability is due to insufficient validation of user-supplied input for specific HTTP requests that are sent to an affected device. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive information on the affected device.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-20 - Improper Input Validation
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20405",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-07T17:17:33.480316Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-07T17:17:41.695Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:59:42.434Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-finesse-ssrf-rfi-Um7wT8Ew",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-finesse-ssrf-rfi-Um7wT8Ew"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Unified Contact Center Enterprise",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "N/A"
                }
              ]
            },
            {
              "product": "Cisco Unified Contact Center Express",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "N/A"
                }
              ]
            },
            {
              "product": "Cisco Finesse",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.6(2)"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES1"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES2"
                }
              ]
            },
            {
              "product": "Cisco Packaged Contact Center Enterprise",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "N/A"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a stored XSS attack by exploiting an RFI vulnerability. \r\n\r This vulnerability is due to insufficient validation of user-supplied input for specific HTTP requests that are sent to an affected device. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive information on the affected device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "Improper Input Validation",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-06-05T16:15:22.185Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-finesse-ssrf-rfi-Um7wT8Ew",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-finesse-ssrf-rfi-Um7wT8Ew"
            }
          ],
          "source": {
            "advisory": "cisco-sa-finesse-ssrf-rfi-Um7wT8Ew",
            "defects": [
              "CSCwh95276"
            ],
            "discovery": "EXTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20405",
        "datePublished": "2024-06-05T16:15:22.185Z",
        "dateReserved": "2023-11-08T15:08:07.661Z",
        "dateUpdated": "2024-08-01T21:59:42.434Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-20404 (GCVE-0-2024-20404)

    Vulnerability from cvelistv5 – Published: 2024-06-05 16:14 – Updated: 2024-08-01 21:59
    Summary
    A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct an SSRF attack on an affected system. This vulnerability is due to insufficient validation of user-supplied input for specific HTTP requests that are sent to an affected system. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to obtain limited sensitive information for services that are associated to the affected device.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-918 - Server-Side Request Forgery (SSRF)
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-20404",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-05T18:11:49.476249Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-05T18:12:02.959Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:59:42.723Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "cisco-sa-finesse-ssrf-rfi-Um7wT8Ew",
                "tags": [
                  "x_transferred"
                ],
                "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-finesse-ssrf-rfi-Um7wT8Ew"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Unified Contact Center Enterprise",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "N/A"
                }
              ]
            },
            {
              "product": "Cisco Unified Contact Center Express",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "N/A"
                }
              ]
            },
            {
              "product": "Cisco Finesse",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.6(2)"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES1"
                },
                {
                  "status": "affected",
                  "version": "12.6(2)ES2"
                }
              ]
            },
            {
              "product": "Cisco Packaged Contact Center Enterprise",
              "vendor": "Cisco",
              "versions": [
                {
                  "status": "affected",
                  "version": "N/A"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct an SSRF attack on an affected system.\r\n\r This vulnerability is due to insufficient validation of user-supplied input for specific HTTP requests that are sent to an affected system. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to obtain limited sensitive information for services that are associated to the affected device."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "cvssV3_1"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-918",
                  "description": "Server-Side Request Forgery (SSRF)",
                  "lang": "en",
                  "type": "cwe"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-06-05T16:14:23.637Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "cisco-sa-finesse-ssrf-rfi-Um7wT8Ew",
              "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-finesse-ssrf-rfi-Um7wT8Ew"
            }
          ],
          "source": {
            "advisory": "cisco-sa-finesse-ssrf-rfi-Um7wT8Ew",
            "defects": [
              "CSCwh95292"
            ],
            "discovery": "EXTERNAL"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2024-20404",
        "datePublished": "2024-06-05T16:14:23.637Z",
        "dateReserved": "2023-11-08T15:08:07.661Z",
        "dateUpdated": "2024-08-01T21:59:42.723Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-3159 (GCVE-0-2020-3159)

    Vulnerability from cvelistv5 – Published: 2020-02-19 19:15 – Updated: 2024-11-15 17:41
    VLAI
    Title
    Cisco Finesse Web-Based Management Interface Cross-Site Scripting Vulnerability
    Summary
    A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user to click a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Vendor Product Version
    Cisco Cisco Finesse Affected: unspecified , < n/a (custom)
    Create a notification for this product.
    Date Public
    2020-02-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:24:00.673Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20200219 Cisco Finesse Web-Based Management Interface Cross-Site Scripting Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-finesse-xss-6OgfQkUT"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-3159",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-15T16:29:24.836499Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-15T17:41:05.357Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Finesse",
              "vendor": "Cisco",
              "versions": [
                {
                  "lessThan": "n/a",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2020-02-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user to click a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-02-19T19:15:33.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20200219 Cisco Finesse Web-Based Management Interface Cross-Site Scripting Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-finesse-xss-6OgfQkUT"
            }
          ],
          "source": {
            "advisory": "cisco-sa-finesse-xss-6OgfQkUT",
            "defect": [
              [
                "CSCvp73107"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco Finesse Web-Based Management Interface Cross-Site Scripting Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2020-02-19T16:00:00-0800",
              "ID": "CVE-2020-3159",
              "STATE": "PUBLIC",
              "TITLE": "Cisco Finesse Web-Based Management Interface Cross-Site Scripting Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco Finesse",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003c",
                                "version_affected": "\u003c",
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user to click a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "6.1",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-79"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20200219 Cisco Finesse Web-Based Management Interface Cross-Site Scripting Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-finesse-xss-6OgfQkUT"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-finesse-xss-6OgfQkUT",
              "defect": [
                [
                  "CSCvp73107"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2020-3159",
        "datePublished": "2020-02-19T19:15:33.192Z",
        "dateReserved": "2019-12-12T00:00:00.000Z",
        "dateUpdated": "2024-11-15T17:41:05.357Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-15278 (GCVE-0-2019-15278)

    Vulnerability from cvelistv5 – Published: 2020-01-26 04:50 – Updated: 2024-11-15 17:43
    VLAI
    Title
    Cisco Finesse Cross-Site Scripting Vulnerability
    Summary
    A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to bypass authorization and access sensitive information related to the device. The vulnerability exists because the software fails to sanitize URLs before it handles requests. An attacker could exploit this vulnerability by submitting a crafted URL. A successful exploit could allow the attacker to gain unauthorized access to sensitive information.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Vendor Product Version
    Cisco Cisco Finesse Affected: unspecified , < n/a (custom)
    Create a notification for this product.
    Date Public
    2020-01-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T00:42:03.999Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20200108 Cisco Finesse Cross-Site Scripting Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200108-finesse-xss"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2019-15278",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-15T16:29:37.761306Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-15T17:43:47.348Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Finesse",
              "vendor": "Cisco",
              "versions": [
                {
                  "lessThan": "n/a",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2020-01-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to bypass authorization and access sensitive information related to the device. The vulnerability exists because the software fails to sanitize URLs before it handles requests. An attacker could exploit this vulnerability by submitting a crafted URL. A successful exploit could allow the attacker to gain unauthorized access to sensitive information."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-01-26T04:50:14.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20200108 Cisco Finesse Cross-Site Scripting Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200108-finesse-xss"
            }
          ],
          "source": {
            "advisory": "cisco-sa-20200108-finesse-xss",
            "defect": [
              [
                "CSCvr19591",
                "CSCvr33151"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco Finesse Cross-Site Scripting Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2020-01-08T16:00:00-0800",
              "ID": "CVE-2019-15278",
              "STATE": "PUBLIC",
              "TITLE": "Cisco Finesse Cross-Site Scripting Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco Finesse",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003c",
                                "version_affected": "\u003c",
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to bypass authorization and access sensitive information related to the device. The vulnerability exists because the software fails to sanitize URLs before it handles requests. An attacker could exploit this vulnerability by submitting a crafted URL. A successful exploit could allow the attacker to gain unauthorized access to sensitive information."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "6.1",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-79"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20200108 Cisco Finesse Cross-Site Scripting Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200108-finesse-xss"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-20200108-finesse-xss",
              "defect": [
                [
                  "CSCvr19591",
                  "CSCvr33151"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2019-15278",
        "datePublished": "2020-01-26T04:50:14.717Z",
        "dateReserved": "2019-08-20T00:00:00.000Z",
        "dateUpdated": "2024-11-15T17:43:47.348Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-12632 (GCVE-0-2019-12632)

    Vulnerability from cvelistv5 – Published: 2019-09-05 01:15 – Updated: 2024-11-19 18:57
    VLAI
    Title
    Cisco Finesse Request Processing Server-Side Request Forgery Vulnerability
    Summary
    A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to bypass access controls and conduct a server-side request forgery (SSRF) attack on an affected system. The vulnerability exists because the affected system does not properly validate user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to a user of the web application. A successful exploit could allow the attacker to access the system and perform unauthorized actions.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://tools.cisco.com/security/center/content/C… vendor-advisoryx_refsource_CISCO
    Impacted products
    Vendor Product Version
    Cisco Cisco Finesse Affected: unspecified , < 12.0(1)ES01 (custom)
    Create a notification for this product.
    Date Public
    2019-09-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T23:24:39.208Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20190904 Cisco Finesse Request Processing Server-Side Request Forgery Vulnerability",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CISCO",
                  "x_transferred"
                ],
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190904-finesse-ssrf"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2019-12632",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-11-19T17:23:12.181887Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-11-19T18:57:28.338Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cisco Finesse",
              "vendor": "Cisco",
              "versions": [
                {
                  "lessThan": "12.0(1)ES01",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2019-09-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to bypass access controls and conduct a server-side request forgery (SSRF) attack on an affected system. The vulnerability exists because the affected system does not properly validate user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to a user of the web application. A successful exploit could allow the attacker to access the system and perform unauthorized actions."
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "CWE-20",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-09-05T01:15:16.000Z",
            "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
            "shortName": "cisco"
          },
          "references": [
            {
              "name": "20190904 Cisco Finesse Request Processing Server-Side Request Forgery Vulnerability",
              "tags": [
                "vendor-advisory",
                "x_refsource_CISCO"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190904-finesse-ssrf"
            }
          ],
          "source": {
            "advisory": "cisco-sa-20190904-finesse-ssrf",
            "defect": [
              [
                "CSCvo92074"
              ]
            ],
            "discovery": "INTERNAL"
          },
          "title": "Cisco Finesse Request Processing Server-Side Request Forgery Vulnerability",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@cisco.com",
              "DATE_PUBLIC": "2019-09-04T16:00:00-0700",
              "ID": "CVE-2019-12632",
              "STATE": "PUBLIC",
              "TITLE": "Cisco Finesse Request Processing Server-Side Request Forgery Vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cisco Finesse",
                          "version": {
                            "version_data": [
                              {
                                "affected": "\u003c",
                                "version_affected": "\u003c",
                                "version_value": "12.0(1)ES01"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Cisco"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to bypass access controls and conduct a server-side request forgery (SSRF) attack on an affected system. The vulnerability exists because the affected system does not properly validate user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to a user of the web application. A successful exploit could allow the attacker to access the system and perform unauthorized actions."
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
              }
            ],
            "impact": {
              "cvss": {
                "baseScore": "5.3",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-20"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20190904 Cisco Finesse Request Processing Server-Side Request Forgery Vulnerability",
                  "refsource": "CISCO",
                  "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190904-finesse-ssrf"
                }
              ]
            },
            "source": {
              "advisory": "cisco-sa-20190904-finesse-ssrf",
              "defect": [
                [
                  "CSCvo92074"
                ]
              ],
              "discovery": "INTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "assignerShortName": "cisco",
        "cveId": "CVE-2019-12632",
        "datePublished": "2019-09-05T01:15:16.226Z",
        "dateReserved": "2019-06-04T00:00:00.000Z",
        "dateUpdated": "2024-11-19T18:57:28.338Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }