Search
Find a vulnerability
Search criteria
72 vulnerabilities found for Cisco Unified Contact Center Express by Cisco
CVE-2026-20117 (GCVE-0-2026-20117)
Vulnerability from nvd ā Published: 2026-03-11 16:31 ā Updated: 2026-03-11 17:20
VLAI
Title
Multiple Cisco Contact Center Products Cross-Site Scripting Vulnerabilities
Summary
A vulnerability in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface.
This vulnerability exists because the web-based management interface of an affected system does not sufficiently validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
Severity
6.1 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco Unified Contact Center Express |
Affected:
10.5(1)SU1
Affected: 10.6(1) Affected: 11.6(1) Affected: 10.6(1)SU1 Affected: 10.6(1)SU3 Affected: 11.6(2) Affected: 12.0(1) Affected: 11.0(1)SU1 Affected: 11.5(1)SU1 Affected: 10.5(1) Affected: 12.5(1) Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 Affected: 12.5(1)SU3 Affected: 12.5(1)_SU03_ES01 Affected: 12.5(1)_SU03_ES02 Affected: 12.5(1)_SU02_ES03 Affected: 12.5(1)_SU02_ES04 Affected: 12.5(1)_SU02_ES02 Affected: 12.5(1)_SU01_ES02 Affected: 12.5(1)_SU01_ES03 Affected: 12.5(1)_SU02_ES01 Affected: 11.6(2)ES07 Affected: 11.6(2)ES08 Affected: 12.5(1)_SU01_ES01 Affected: 12.0(1)ES04 Affected: 12.5(1)ES02 Affected: 12.5(1)ES03 Affected: 11.6(2)ES06 Affected: 12.5(1)ES01 Affected: 12.0(1)ES03 Affected: 12.0(1)ES01 Affected: 11.6(2)ES05 Affected: 12.0(1)ES02 Affected: 11.6(2)ES04 Affected: 11.6(2)ES03 Affected: 11.6(2)ES02 Affected: 11.6(2)ES01 Affected: 10.6(1)SU3ES03 Affected: 11.0(1)SU1ES03 Affected: 10.6(1)SU3ES01 Affected: 10.5(1)SU1ES10 Affected: 11.5(1)SU1ES03 Affected: 11.6(1)ES02 Affected: 11.5(1)ES01 Affected: 10.6(1)SU2 Affected: 10.6(1)SU2ES04 Affected: 11.6(1)ES01 Affected: 10.6(1)SU3ES02 Affected: 11.5(1)SU1ES02 Affected: 11.5(1)SU1ES01 Affected: 11.0(1)SU1ES02 Affected: 12.5(1)_SU03_ES03 Affected: 12.5(1)_SU03_ES04 Affected: 12.5(1)_SU03_ES05 Affected: UCCX 15.0.1 Affected: 12.5(1)_SU03_ES06 Affected: 12.5(1)_SU03_ES07 Affected: 15.0(1) Affected: 15.0(1)ES01 Affected: 15.0(1)ES-MSOauth Affected: 1501_ES01_CSCws06843 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20117",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-11T17:05:14.798354Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T17:20:21.169Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES04"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES05"
},
{
"status": "affected",
"version": "UCCX 15.0.1"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES06"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES07"
},
{
"status": "affected",
"version": "15.0(1)"
},
{
"status": "affected",
"version": "15.0(1)ES01"
},
{
"status": "affected",
"version": "15.0(1)ES-MSOauth"
},
{
"status": "affected",
"version": "1501_ES01_CSCws06843"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface.\r\n\r\nThis vulnerability exists because the web-based management interface of an affected system does not sufficiently validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T16:31:26.560Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cc-xss-MrNAH5Jh",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cc-xss-MrNAH5Jh"
}
],
"source": {
"advisory": "cisco-sa-cc-xss-MrNAH5Jh",
"defects": [
"CSCwq46126"
],
"discovery": "EXTERNAL"
},
"title": "Multiple Cisco Contact Center Products Cross-Site Scripting Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20117",
"datePublished": "2026-03-11T16:31:26.560Z",
"dateReserved": "2025-10-08T11:59:15.376Z",
"dateUpdated": "2026-03-11T17:20:21.169Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20116 (GCVE-0-2026-20116)
Vulnerability from nvd ā Published: 2026-03-11 16:31 ā Updated: 2026-03-11 17:20
VLAI
Title
Multiple Cisco Contact Center Products Cross-Site Scripting Vulnerabilities
Summary
A vulnerability in the web-based management interface of Cisco Finesse, Cisco Packaged Contact Center Enterprise (Packaged CCE), Cisco Unified Contact Center Enterprise (Unified CCE), Cisco Unified Contact Center Express (Unified CCX), and Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface.
This vulnerability exists because the web-based management interface of an affected system does not sufficiently validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
Severity
6.1 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco Unified Contact Center Express |
Affected:
10.5(1)SU1
Affected: 10.6(1) Affected: 11.6(1) Affected: 10.6(1)SU1 Affected: 10.6(1)SU3 Affected: 11.6(2) Affected: 12.0(1) Affected: 11.0(1)SU1 Affected: 11.5(1)SU1 Affected: 10.5(1) Affected: 12.5(1) Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 Affected: 12.5(1)SU3 Affected: 12.5(1)_SU03_ES01 Affected: 12.5(1)_SU03_ES02 Affected: 12.5(1)_SU02_ES03 Affected: 12.5(1)_SU02_ES04 Affected: 12.5(1)_SU02_ES02 Affected: 12.5(1)_SU01_ES02 Affected: 12.5(1)_SU01_ES03 Affected: 12.5(1)_SU02_ES01 Affected: 11.6(2)ES07 Affected: 11.6(2)ES08 Affected: 12.5(1)_SU01_ES01 Affected: 12.0(1)ES04 Affected: 12.5(1)ES02 Affected: 12.5(1)ES03 Affected: 11.6(2)ES06 Affected: 12.5(1)ES01 Affected: 12.0(1)ES03 Affected: 12.0(1)ES01 Affected: 11.6(2)ES05 Affected: 12.0(1)ES02 Affected: 11.6(2)ES04 Affected: 11.6(2)ES03 Affected: 11.6(2)ES02 Affected: 11.6(2)ES01 Affected: 10.6(1)SU3ES03 Affected: 11.0(1)SU1ES03 Affected: 10.6(1)SU3ES01 Affected: 10.5(1)SU1ES10 Affected: 11.5(1)SU1ES03 Affected: 11.6(1)ES02 Affected: 11.5(1)ES01 Affected: 10.6(1)SU2 Affected: 10.6(1)SU2ES04 Affected: 11.6(1)ES01 Affected: 10.6(1)SU3ES02 Affected: 11.5(1)SU1ES02 Affected: 11.5(1)SU1ES01 Affected: 11.0(1)SU1ES02 Affected: 12.5(1)_SU03_ES03 Affected: 12.5(1)_SU03_ES04 Affected: 12.5(1)_SU03_ES05 Affected: UCCX 15.0.1 Affected: 12.5(1)_SU03_ES06 Affected: 12.5(1)_SU03_ES07 Affected: 15.0(1) Affected: 15.0(1)ES01 Affected: 15.0(1)ES-MSOauth Affected: 1501_ES01_CSCws06843 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20116",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-11T17:05:00.232053Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T17:20:21.361Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES04"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES05"
},
{
"status": "affected",
"version": "UCCX 15.0.1"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES06"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES07"
},
{
"status": "affected",
"version": "15.0(1)"
},
{
"status": "affected",
"version": "15.0(1)ES01"
},
{
"status": "affected",
"version": "15.0(1)ES-MSOauth"
},
{
"status": "affected",
"version": "1501_ES01_CSCws06843"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of\u0026nbsp; Cisco Finesse, Cisco Packaged Contact Center Enterprise (Packaged CCE), Cisco Unified Contact Center Enterprise (Unified CCE), Cisco Unified Contact Center Express (Unified CCX), and Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface.\r\n\r\nThis vulnerability exists because the web-based management interface of an affected system does not sufficiently validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T16:31:23.070Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cc-xss-MrNAH5Jh",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cc-xss-MrNAH5Jh"
}
],
"source": {
"advisory": "cisco-sa-cc-xss-MrNAH5Jh",
"defects": [
"CSCwq36593"
],
"discovery": "EXTERNAL"
},
"title": "Multiple Cisco Contact Center Products Cross-Site Scripting Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20116",
"datePublished": "2026-03-11T16:31:23.070Z",
"dateReserved": "2025-10-08T11:59:15.376Z",
"dateUpdated": "2026-03-11T17:20:21.361Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20377 (GCVE-0-2025-20377)
Vulnerability from nvd ā Published: 2025-11-05 16:31 ā Updated: 2025-11-21 14:23
VLAI
Title
Cisco Unified Intelligence Center API Information Disclosure Vulnerability
Summary
A vulnerability in the API subsystem of Cisco Unified Intelligence Center could allow an authenticated, remote attacker to obtain sensitive information from an affected system.
This vulnerability is due to improper validation of requests to certain API endpoints. An attacker could exploit this vulnerability by sending a valid request to a specific API endpoint within the affected system. A successful exploit could allow a low-privileged user to view sensitive information on the affected system that should be restricted. To exploit this vulnerability, the attacker must have valid user credentials on the affected system.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
1 reference
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco Packaged Contact Center Enterprise |
Affected:
12.5(1)
Affected: 11.0(1) Affected: 12.0(1) Affected: 11.0(2) Affected: 11.5(1) Affected: 10.5(1) Affected: 10.5(2) Affected: 11.6(2) Affected: 10.5(1)_ES7 Affected: 11.6(1) Affected: 10.5(2)_ES8 Affected: 12.6(1) Affected: 12.5(2) Affected: 12.6(2) Affected: 15.0(1) |
|
| Cisco | Cisco Unified Contact Center Enterprise |
Affected:
12.6(1)ES3
Affected: 12.6(1)ES1 Affected: 12.6(1) Affected: 12.6(1)ES2 Affected: 12.6(1)SecurityPatch Affected: 12.5(1)ES1 Affected: 12.5(1) Affected: 12.6(1)ES4 Affected: 11.0(1) Affected: 10.5(1) Affected: 12.0(1) Affected: 10.5 Affected: 11.0 Affected: 11.5 Affected: 12.6(2) Affected: 12.6(2)ES1 Affected: 12.6(2)ES2 Affected: 15.0(1) Affected: 12.6(2)ES3 Affected: 15.0(1)ET01 Affected: 15.0(1)_SP1 |
|
| Cisco | Cisco Unified Contact Center Express |
Affected:
10.5(1)SU1
Affected: 10.6(1) Affected: 11.6(1) Affected: 10.6(1)SU1 Affected: 10.6(1)SU3 Affected: 11.6(2) Affected: 12.0(1) Affected: 11.0(1)SU1 Affected: 11.5(1)SU1 Affected: 10.5(1) Affected: 12.5(1) Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 Affected: 12.5(1)SU3 Affected: 12.5(1)_SU03_ES01 Affected: 12.5(1)_SU03_ES02 Affected: 12.5(1)_SU02_ES03 Affected: 12.5(1)_SU02_ES04 Affected: 12.5(1)_SU02_ES02 Affected: 12.5(1)_SU01_ES02 Affected: 12.5(1)_SU01_ES03 Affected: 12.5(1)_SU02_ES01 Affected: 11.6(2)ES07 Affected: 11.6(2)ES08 Affected: 12.5(1)_SU01_ES01 Affected: 12.0(1)ES04 Affected: 12.5(1)ES02 Affected: 12.5(1)ES03 Affected: 11.6(2)ES06 Affected: 12.5(1)ES01 Affected: 12.0(1)ES03 Affected: 12.0(1)ES01 Affected: 11.6(2)ES05 Affected: 12.0(1)ES02 Affected: 11.6(2)ES04 Affected: 11.6(2)ES03 Affected: 11.6(2)ES02 Affected: 11.6(2)ES01 Affected: 10.6(1)SU3ES03 Affected: 11.0(1)SU1ES03 Affected: 10.6(1)SU3ES01 Affected: 10.5(1)SU1ES10 Affected: 11.5(1)SU1ES03 Affected: 11.6(1)ES02 Affected: 11.5(1)ES01 Affected: 10.6(1)SU2 Affected: 10.6(1)SU2ES04 Affected: 11.6(1)ES01 Affected: 10.6(1)SU3ES02 Affected: 11.5(1)SU1ES02 Affected: 11.5(1)SU1ES01 Affected: 11.0(1)SU1ES02 Affected: 12.5(1)_SU03_ES03 Affected: 12.5(1)_SU03_ES04 Affected: 12.5(1)_SU03_ES05 Affected: UCCX 15.0.1 Affected: 12.5(1)_SU03_ES06 |
|
| Cisco | Cisco Unified Intelligence Center |
Affected:
11.6(1)
Affected: 10.5(1) Affected: 11.0(1) Affected: 11.5(1) Affected: 12.0(1) Affected: 12.5(1) Affected: 11.0(2) Affected: 12.6(1) Affected: 12.5(1)SU Affected: 12.6(1)_ET Affected: 12.6(1)_ES05_ET Affected: 11.0(3) Affected: 12.6(2) Affected: 12.6(2)_504_Issue_ET Affected: 12.6.1_ExcelIssue_ET Affected: 12.6(2)_Permalink_ET Affected: 12.6.2_CSCwk19536_ET Affected: 12.6.2_CSCwm96922_ET Affected: 12.6.2_Amq_OOS_ET Affected: 12.5(2)ET_CSCwi79933 Affected: 12.6(2)_ET Affected: 12.6.2_CSCwn48501_ET Affected: 15.0(1) Affected: 12.6.2_CSCwp61293_ET Affected: 12.6.2_CSCwp92614_ET |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20377",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-05T20:13:55.442333Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T20:14:05.911Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Packaged Contact Center Enterprise",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "11.0(2)"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "10.5(2)"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "10.5(1)_ES7"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.5(2)_ES8"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.5(2)"
},
{
"status": "affected",
"version": "12.6(2)"
},
{
"status": "affected",
"version": "15.0(1)"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Enterprise",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.6(1)ES3"
},
{
"status": "affected",
"version": "12.6(1)ES1"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.6(1)ES2"
},
{
"status": "affected",
"version": "12.6(1)SecurityPatch"
},
{
"status": "affected",
"version": "12.5(1)ES1"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.6(1)ES4"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "10.5"
},
{
"status": "affected",
"version": "11.0"
},
{
"status": "affected",
"version": "11.5"
},
{
"status": "affected",
"version": "12.6(2)"
},
{
"status": "affected",
"version": "12.6(2)ES1"
},
{
"status": "affected",
"version": "12.6(2)ES2"
},
{
"status": "affected",
"version": "15.0(1)"
},
{
"status": "affected",
"version": "12.6(2)ES3"
},
{
"status": "affected",
"version": "15.0(1)ET01"
},
{
"status": "affected",
"version": "15.0(1)_SP1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES04"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES05"
},
{
"status": "affected",
"version": "UCCX 15.0.1"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES06"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Intelligence Center",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "11.0(2)"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.5(1)SU"
},
{
"status": "affected",
"version": "12.6(1)_ET"
},
{
"status": "affected",
"version": "12.6(1)_ES05_ET"
},
{
"status": "affected",
"version": "11.0(3)"
},
{
"status": "affected",
"version": "12.6(2)"
},
{
"status": "affected",
"version": "12.6(2)_504_Issue_ET"
},
{
"status": "affected",
"version": "12.6.1_ExcelIssue_ET"
},
{
"status": "affected",
"version": "12.6(2)_Permalink_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwk19536_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwm96922_ET"
},
{
"status": "affected",
"version": "12.6.2_Amq_OOS_ET"
},
{
"status": "affected",
"version": "12.5(2)ET_CSCwi79933"
},
{
"status": "affected",
"version": "12.6(2)_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwn48501_ET"
},
{
"status": "affected",
"version": "15.0(1)"
},
{
"status": "affected",
"version": "12.6.2_CSCwp61293_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwp92614_ET"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the API subsystem of Cisco Unified Intelligence Center could allow an authenticated, remote attacker to obtain sensitive information from an affected system.\r\n\r\nThis vulnerability is due to improper validation of requests to certain API endpoints. An attacker could exploit this vulnerability by sending a valid request to a specific API endpoint within the affected system. A successful exploit could allow a low-privileged user to view sensitive information on the affected system that should be restricted. To exploit this vulnerability, the attacker must have valid user credentials on the affected system."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-21T14:23:13.993Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cc-mult-vuln-gK4TFXSn",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cc-mult-vuln-gK4TFXSn"
}
],
"source": {
"advisory": "cisco-sa-cc-mult-vuln-gK4TFXSn",
"defects": [
"CSCwo38545"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Unified Intelligence Center API Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20377",
"datePublished": "2025-11-05T16:31:52.595Z",
"dateReserved": "2024-10-10T19:15:13.263Z",
"dateUpdated": "2025-11-21T14:23:13.993Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20376 (GCVE-0-2025-20376)
Vulnerability from nvd ā Published: 2025-11-05 16:31 ā Updated: 2026-02-26 17:47
VLAI
Title
Cisco Unified Contact Center Express Remote Code Execution Vulnerability
Summary
A vulnerability in the web UI of Cisco Unified CCX could allow an authenticated, remote attacker to upload and execute arbitrary files.
This vulnerability is due to an insufficient input validation associated to file upload mechanisms. An attacker could exploit this vulnerability by uploading a malicious file to the web UI and executing it. A successful exploit could allow the attacker to execute arbitrary commands on the underlying system and elevate privileges to root. To exploit this vulnerability, the attacker must have valid administrative credentials.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco Unified Contact Center Express |
Affected:
10.5(1)SU1
Affected: 10.6(1) Affected: 11.6(1) Affected: 10.6(1)SU1 Affected: 10.6(1)SU3 Affected: 11.6(2) Affected: 12.0(1) Affected: 11.0(1)SU1 Affected: 11.5(1)SU1 Affected: 10.5(1) Affected: 12.5(1) Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 Affected: 12.5(1)SU3 Affected: 12.5(1)_SU03_ES01 Affected: 12.5(1)_SU03_ES02 Affected: 12.5(1)_SU02_ES03 Affected: 12.5(1)_SU02_ES04 Affected: 12.5(1)_SU02_ES02 Affected: 12.5(1)_SU01_ES02 Affected: 12.5(1)_SU01_ES03 Affected: 12.5(1)_SU02_ES01 Affected: 11.6(2)ES07 Affected: 11.6(2)ES08 Affected: 12.5(1)_SU01_ES01 Affected: 12.0(1)ES04 Affected: 12.5(1)ES02 Affected: 12.5(1)ES03 Affected: 11.6(2)ES06 Affected: 12.5(1)ES01 Affected: 12.0(1)ES03 Affected: 12.0(1)ES01 Affected: 11.6(2)ES05 Affected: 12.0(1)ES02 Affected: 11.6(2)ES04 Affected: 11.6(2)ES03 Affected: 11.6(2)ES02 Affected: 11.6(2)ES01 Affected: 10.6(1)SU3ES03 Affected: 11.0(1)SU1ES03 Affected: 10.6(1)SU3ES01 Affected: 10.5(1)SU1ES10 Affected: 11.5(1)SU1ES03 Affected: 11.6(1)ES02 Affected: 11.5(1)ES01 Affected: 10.6(1)SU2 Affected: 10.6(1)SU2ES04 Affected: 11.6(1)ES01 Affected: 10.6(1)SU3ES02 Affected: 11.5(1)SU1ES02 Affected: 11.5(1)SU1ES01 Affected: 11.0(1)SU1ES02 Affected: 12.5(1)_SU03_ES03 Affected: 12.5(1)_SU03_ES04 Affected: 12.5(1)_SU03_ES05 Affected: UCCX 15.0.1 Affected: 12.5(1)_SU03_ES06 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20376",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-06T04:55:45.488528Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:47:14.572Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES04"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES05"
},
{
"status": "affected",
"version": "UCCX 15.0.1"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES06"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web UI of Cisco Unified CCX could allow an authenticated, remote attacker to upload and execute arbitrary files.\r\n\r\nThis vulnerability is due to an insufficient input validation associated to file upload mechanisms. An attacker could exploit this vulnerability by uploading a malicious file to the web UI and executing it. A successful exploit could allow the attacker to execute arbitrary commands on the underlying system and elevate privileges to root. To exploit this vulnerability, the attacker must have valid administrative credentials."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T16:31:38.793Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cc-mult-vuln-gK4TFXSn",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cc-mult-vuln-gK4TFXSn"
}
],
"source": {
"advisory": "cisco-sa-cc-mult-vuln-gK4TFXSn",
"defects": [
"CSCwq36567"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Unified Contact Center Express Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20376",
"datePublished": "2025-11-05T16:31:38.793Z",
"dateReserved": "2024-10-10T19:15:13.262Z",
"dateUpdated": "2026-02-26T17:47:14.572Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20375 (GCVE-0-2025-20375)
Vulnerability from nvd ā Published: 2025-11-05 16:31 ā Updated: 2026-02-26 17:47
VLAI
Title
Cisco Unified Contact Center Express Arbitrary File Upload Vulnerability
Summary
A vulnerability in the web UI of Cisco Unified CCX could allow an authenticated, remote attacker to upload and execute arbitrary files.
This vulnerability is due to an insufficient input validation associated to specific UI features. An attacker could exploit this vulnerability by uploading a crafted file to the web UI. A successful exploit could allow the attacker to upload arbitrary files to a vulnerable system and execute them, gaining access to the underlying operating system. To exploit this vulnerability, the attacker must have valid administrative credentials.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco Unified Contact Center Express |
Affected:
10.5(1)SU1
Affected: 10.6(1) Affected: 11.6(1) Affected: 10.6(1)SU1 Affected: 10.6(1)SU3 Affected: 11.6(2) Affected: 12.0(1) Affected: 11.0(1)SU1 Affected: 11.5(1)SU1 Affected: 10.5(1) Affected: 12.5(1) Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 Affected: 12.5(1)SU3 Affected: 12.5(1)_SU03_ES01 Affected: 12.5(1)_SU03_ES02 Affected: 12.5(1)_SU02_ES03 Affected: 12.5(1)_SU02_ES04 Affected: 12.5(1)_SU02_ES02 Affected: 12.5(1)_SU01_ES02 Affected: 12.5(1)_SU01_ES03 Affected: 12.5(1)_SU02_ES01 Affected: 11.6(2)ES07 Affected: 11.6(2)ES08 Affected: 12.5(1)_SU01_ES01 Affected: 12.0(1)ES04 Affected: 12.5(1)ES02 Affected: 12.5(1)ES03 Affected: 11.6(2)ES06 Affected: 12.5(1)ES01 Affected: 12.0(1)ES03 Affected: 12.0(1)ES01 Affected: 11.6(2)ES05 Affected: 12.0(1)ES02 Affected: 11.6(2)ES04 Affected: 11.6(2)ES03 Affected: 11.6(2)ES02 Affected: 11.6(2)ES01 Affected: 10.6(1)SU3ES03 Affected: 11.0(1)SU1ES03 Affected: 10.6(1)SU3ES01 Affected: 10.5(1)SU1ES10 Affected: 11.5(1)SU1ES03 Affected: 11.6(1)ES02 Affected: 11.5(1)ES01 Affected: 10.6(1)SU2 Affected: 10.6(1)SU2ES04 Affected: 11.6(1)ES01 Affected: 10.6(1)SU3ES02 Affected: 11.5(1)SU1ES02 Affected: 11.5(1)SU1ES01 Affected: 11.0(1)SU1ES02 Affected: 12.5(1)_SU03_ES03 Affected: 12.5(1)_SU03_ES04 Affected: 12.5(1)_SU03_ES05 Affected: UCCX 15.0.1 Affected: 12.5(1)_SU03_ES06 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20375",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-06T04:55:46.573406Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:47:14.139Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES04"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES05"
},
{
"status": "affected",
"version": "UCCX 15.0.1"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES06"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web UI of Cisco Unified CCX could allow an authenticated, remote attacker to upload and execute arbitrary files.\r\n\r\nThis vulnerability is due to an insufficient input validation associated to specific UI features. An attacker could exploit this vulnerability by uploading a crafted file to the web UI. A successful exploit could allow the attacker to upload arbitrary files to a vulnerable system and execute them, gaining access to the underlying operating system. To exploit this vulnerability, the attacker must have valid administrative credentials."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T16:31:43.035Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cc-mult-vuln-gK4TFXSn",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cc-mult-vuln-gK4TFXSn"
}
],
"source": {
"advisory": "cisco-sa-cc-mult-vuln-gK4TFXSn",
"defects": [
"CSCwq36645"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Unified Contact Center Express Arbitrary File Upload Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20375",
"datePublished": "2025-11-05T16:31:43.035Z",
"dateReserved": "2024-10-10T19:15:13.262Z",
"dateUpdated": "2026-02-26T17:47:14.139Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20374 (GCVE-0-2025-20374)
Vulnerability from nvd ā Published: 2025-11-05 16:31 ā Updated: 2025-11-05 20:11
VLAI
Title
Cisco Unified Contact Center Express Arbitrary File Download Vulnerability
Summary
A vulnerability in the web UI of Cisco Unified CCX could allow an authenticated, remote attacker to perform a directory traversal and access arbitrary resources.
This vulnerability is due to an insufficient input validation associated to specific UI features. An attacker could exploit this vulnerability by sending a crafted request to the web UI. A successful exploit could allow the attacker to gain read access to arbitrary files on the underlying operating system. To exploit this vulnerability, the attacker must have valid administrative credentials.
Severity
4.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco Unified Contact Center Express |
Affected:
10.5(1)SU1
Affected: 10.6(1) Affected: 11.6(1) Affected: 10.6(1)SU1 Affected: 10.6(1)SU3 Affected: 11.6(2) Affected: 12.0(1) Affected: 11.0(1)SU1 Affected: 11.5(1)SU1 Affected: 10.5(1) Affected: 12.5(1) Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 Affected: 12.5(1)SU3 Affected: 12.5(1)_SU03_ES01 Affected: 12.5(1)_SU03_ES02 Affected: 12.5(1)_SU02_ES03 Affected: 12.5(1)_SU02_ES04 Affected: 12.5(1)_SU02_ES02 Affected: 12.5(1)_SU01_ES02 Affected: 12.5(1)_SU01_ES03 Affected: 12.5(1)_SU02_ES01 Affected: 11.6(2)ES07 Affected: 11.6(2)ES08 Affected: 12.5(1)_SU01_ES01 Affected: 12.0(1)ES04 Affected: 12.5(1)ES02 Affected: 12.5(1)ES03 Affected: 11.6(2)ES06 Affected: 12.5(1)ES01 Affected: 12.0(1)ES03 Affected: 12.0(1)ES01 Affected: 11.6(2)ES05 Affected: 12.0(1)ES02 Affected: 11.6(2)ES04 Affected: 11.6(2)ES03 Affected: 11.6(2)ES02 Affected: 11.6(2)ES01 Affected: 10.6(1)SU3ES03 Affected: 11.0(1)SU1ES03 Affected: 10.6(1)SU3ES01 Affected: 10.5(1)SU1ES10 Affected: 11.5(1)SU1ES03 Affected: 11.6(1)ES02 Affected: 11.5(1)ES01 Affected: 10.6(1)SU2 Affected: 10.6(1)SU2ES04 Affected: 11.6(1)ES01 Affected: 10.6(1)SU3ES02 Affected: 11.5(1)SU1ES02 Affected: 11.5(1)SU1ES01 Affected: 11.0(1)SU1ES02 Affected: 12.5(1)_SU03_ES03 Affected: 12.5(1)_SU03_ES04 Affected: 12.5(1)_SU03_ES05 Affected: UCCX 15.0.1 Affected: 12.5(1)_SU03_ES06 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20374",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-05T20:10:38.672178Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T20:11:12.630Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES04"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES05"
},
{
"status": "affected",
"version": "UCCX 15.0.1"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES06"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web UI of Cisco Unified CCX could allow an authenticated, remote attacker to perform a directory traversal and access arbitrary resources.\r\n\r\nThis vulnerability is due to an insufficient input validation associated to specific UI features. An attacker could exploit this vulnerability by sending a crafted request to the web UI. A successful exploit could allow the attacker to gain read access to arbitrary files on the underlying operating system.\u0026nbsp;To exploit this vulnerability, the attacker must have valid administrative credentials."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T16:31:23.862Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cc-mult-vuln-gK4TFXSn",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cc-mult-vuln-gK4TFXSn"
}
],
"source": {
"advisory": "cisco-sa-cc-mult-vuln-gK4TFXSn",
"defects": [
"CSCwq36596"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Unified Contact Center Express Arbitrary File Download Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20374",
"datePublished": "2025-11-05T16:31:23.862Z",
"dateReserved": "2024-10-10T19:15:13.262Z",
"dateUpdated": "2025-11-05T20:11:12.630Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20358 (GCVE-0-2025-20358)
Vulnerability from nvd ā Published: 2025-11-05 16:31 ā Updated: 2026-02-26 17:47
VLAI
Title
Cisco Unified Contact Center Express Editor Authentication Bypass Vulnerability
Summary
A vulnerability in the Contact Center Express (CCX) Editor application of Cisco Unified CCX could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative permissions pertaining to script creation and execution.
This vulnerability is due to improper authentication mechanisms in the communication between the CCX Editor and an affected Unified CCX server. An attacker could exploit this vulnerability by redirecting the authentication flow to a malicious server and tricking the CCX Editor into believing the authentication was successful. A successful exploit could allow the attacker to create and execute arbitrary scripts on the underlying operating system of an affected Unified CCX server, as an internal non-root user account.
Severity
9.4 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco Unified Contact Center Express |
Affected:
10.5(1)SU1
Affected: 10.6(1) Affected: 11.6(1) Affected: 10.6(1)SU1 Affected: 10.6(1)SU3 Affected: 11.6(2) Affected: 12.0(1) Affected: 11.0(1)SU1 Affected: 11.5(1)SU1 Affected: 10.5(1) Affected: 12.5(1) Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 Affected: 12.5(1)SU3 Affected: 12.5(1)_SU03_ES01 Affected: 12.5(1)_SU03_ES02 Affected: 12.5(1)_SU02_ES03 Affected: 12.5(1)_SU02_ES04 Affected: 12.5(1)_SU02_ES02 Affected: 12.5(1)_SU01_ES02 Affected: 12.5(1)_SU01_ES03 Affected: 12.5(1)_SU02_ES01 Affected: 11.6(2)ES07 Affected: 11.6(2)ES08 Affected: 12.5(1)_SU01_ES01 Affected: 12.0(1)ES04 Affected: 12.5(1)ES02 Affected: 12.5(1)ES03 Affected: 11.6(2)ES06 Affected: 12.5(1)ES01 Affected: 12.0(1)ES03 Affected: 12.0(1)ES01 Affected: 11.6(2)ES05 Affected: 12.0(1)ES02 Affected: 11.6(2)ES04 Affected: 11.6(2)ES03 Affected: 11.6(2)ES02 Affected: 11.6(2)ES01 Affected: 10.6(1)SU3ES03 Affected: 11.0(1)SU1ES03 Affected: 10.6(1)SU3ES01 Affected: 10.5(1)SU1ES10 Affected: 11.5(1)SU1ES03 Affected: 11.6(1)ES02 Affected: 11.5(1)ES01 Affected: 10.6(1)SU2 Affected: 10.6(1)SU2ES04 Affected: 11.6(1)ES01 Affected: 10.6(1)SU3ES02 Affected: 11.5(1)SU1ES02 Affected: 11.5(1)SU1ES01 Affected: 11.0(1)SU1ES02 Affected: 12.5(1)_SU03_ES03 Affected: 12.5(1)_SU03_ES04 Affected: 12.5(1)_SU03_ES05 Affected: UCCX 15.0.1 Affected: 12.5(1)_SU03_ES06 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20358",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-06T04:55:44.323949Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:47:14.895Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES04"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES05"
},
{
"status": "affected",
"version": "UCCX 15.0.1"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES06"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Contact Center Express (CCX) Editor application of Cisco Unified CCX could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative permissions pertaining to script creation and execution.\r\n\r\nThis vulnerability is due to improper authentication mechanisms in the communication between the CCX Editor and an affected Unified CCX server. An attacker could exploit this vulnerability by redirecting the authentication flow to a malicious server and tricking the CCX Editor into believing the authentication was successful. A successful exploit could allow the attacker to create and execute arbitrary scripts on the underlying operating system of an affected Unified CCX server, as an internal non-root user account."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "Missing Authentication for Critical Function",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T16:31:23.210Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cc-unauth-rce-QeN8h7mQ",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cc-unauth-rce-QeN8h7mQ"
}
],
"source": {
"advisory": "cisco-sa-cc-unauth-rce-QeN8h7mQ",
"defects": [
"CSCwq36573"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Unified Contact Center Express Editor Authentication Bypass Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20358",
"datePublished": "2025-11-05T16:31:23.210Z",
"dateReserved": "2024-10-10T19:15:13.257Z",
"dateUpdated": "2026-02-26T17:47:14.895Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20354 (GCVE-0-2025-20354)
Vulnerability from nvd ā Published: 2025-11-05 16:31 ā Updated: 2026-02-26 17:47
VLAI
Title
Cisco Unified Contact Center Express Remote Code Execution Vulnerability
Summary
A vulnerability in the Java Remote Method Invocation (RMI) process of Cisco Unified CCX could allow an unauthenticated, remote attacker to upload arbitrary files and execute arbitrary commands with root permissions on an affected system.
This vulnerability is due to improper authentication mechanisms that are associated to specific Cisco Unified CCX features. An attacker could exploit this vulnerability by uploading a crafted file to an affected system through the Java RMI process. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco Unified Contact Center Express |
Affected:
10.5(1)SU1
Affected: 10.6(1) Affected: 11.6(1) Affected: 10.6(1)SU1 Affected: 10.6(1)SU3 Affected: 11.6(2) Affected: 12.0(1) Affected: 11.0(1)SU1 Affected: 11.5(1)SU1 Affected: 10.5(1) Affected: 12.5(1) Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 Affected: 12.5(1)SU3 Affected: 12.5(1)_SU03_ES01 Affected: 12.5(1)_SU03_ES02 Affected: 12.5(1)_SU02_ES03 Affected: 12.5(1)_SU02_ES04 Affected: 12.5(1)_SU02_ES02 Affected: 12.5(1)_SU01_ES02 Affected: 12.5(1)_SU01_ES03 Affected: 12.5(1)_SU02_ES01 Affected: 11.6(2)ES07 Affected: 11.6(2)ES08 Affected: 12.5(1)_SU01_ES01 Affected: 12.0(1)ES04 Affected: 12.5(1)ES02 Affected: 12.5(1)ES03 Affected: 11.6(2)ES06 Affected: 12.5(1)ES01 Affected: 12.0(1)ES03 Affected: 12.0(1)ES01 Affected: 11.6(2)ES05 Affected: 12.0(1)ES02 Affected: 11.6(2)ES04 Affected: 11.6(2)ES03 Affected: 11.6(2)ES02 Affected: 11.6(2)ES01 Affected: 10.6(1)SU3ES03 Affected: 11.0(1)SU1ES03 Affected: 10.6(1)SU3ES01 Affected: 10.5(1)SU1ES10 Affected: 11.5(1)SU1ES03 Affected: 11.6(1)ES02 Affected: 11.5(1)ES01 Affected: 10.6(1)SU2 Affected: 10.6(1)SU2ES04 Affected: 11.6(1)ES01 Affected: 10.6(1)SU3ES02 Affected: 11.5(1)SU1ES02 Affected: 11.5(1)SU1ES01 Affected: 11.0(1)SU1ES02 Affected: 12.5(1)_SU03_ES03 Affected: 12.5(1)_SU03_ES04 Affected: 12.5(1)_SU03_ES05 Affected: UCCX 15.0.1 Affected: 12.5(1)_SU03_ES06 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20354",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-06T04:55:43.370246Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:47:15.433Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES04"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES05"
},
{
"status": "affected",
"version": "UCCX 15.0.1"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES06"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Java Remote Method Invocation (RMI) process of Cisco Unified CCX could allow an unauthenticated, remote attacker to upload arbitrary files and execute arbitrary commands with root permissions on an affected system.\r\n\r\nThis vulnerability is due to improper authentication mechanisms that are associated to specific Cisco Unified CCX features. An attacker could exploit this vulnerability by uploading a crafted file to an affected system through the Java RMI process. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T16:31:14.821Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cc-unauth-rce-QeN8h7mQ",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cc-unauth-rce-QeN8h7mQ"
}
],
"source": {
"advisory": "cisco-sa-cc-unauth-rce-QeN8h7mQ",
"defects": [
"CSCwq36528"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Unified Contact Center Express Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20354",
"datePublished": "2025-11-05T16:31:14.821Z",
"dateReserved": "2024-10-10T19:15:13.257Z",
"dateUpdated": "2026-02-26T17:47:15.433Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20288 (GCVE-0-2025-20288)
Vulnerability from nvd ā Published: 2025-07-16 16:16 ā Updated: 2025-07-18 14:30
VLAI
Title
Cisco Unified Intelligence Center Server-Side Request Forgery Vulnerability
Summary
A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a server-side request forgery (SSRF) attack through an affected device.
This vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to send arbitrary network requests that are sourced from the affected device.
Severity
5.8 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco Unified Contact Center Express |
Affected:
10.6(1)
Affected: 10.5(1)SU1 Affected: 10.6(1)SU3 Affected: 12.0(1) Affected: 10.6(1)SU1 Affected: 11.0(1)SU1 Affected: 11.5(1)SU1 Affected: 10.5(1) Affected: 11.6(1) Affected: 11.6(2) Affected: 12.5(1) Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 Affected: 12.5(1)SU3 Affected: 12.5(1)_SU03_ES01 Affected: 12.5(1)_SU03_ES02 Affected: 12.5(1)_SU02_ES03 Affected: 12.5(1)_SU02_ES04 Affected: 12.5(1)_SU02_ES02 Affected: 12.5(1)_SU01_ES02 Affected: 12.5(1)_SU01_ES03 Affected: 12.5(1)_SU02_ES01 Affected: 11.6(2)ES07 Affected: 11.6(2)ES08 Affected: 12.5(1)_SU01_ES01 Affected: 12.0(1)ES04 Affected: 12.5(1)ES02 Affected: 12.5(1)ES03 Affected: 11.6(2)ES06 Affected: 12.5(1)ES01 Affected: 12.0(1)ES03 Affected: 12.0(1)ES01 Affected: 11.6(2)ES05 Affected: 12.0(1)ES02 Affected: 11.6(2)ES04 Affected: 11.6(2)ES03 Affected: 11.6(2)ES02 Affected: 11.6(2)ES01 Affected: 10.6(1)SU3ES03 Affected: 11.0(1)SU1ES03 Affected: 10.6(1)SU3ES01 Affected: 10.5(1)SU1ES10 Affected: 11.5(1)SU1ES03 Affected: 11.6(1)ES02 Affected: 11.5(1)ES01 Affected: 10.6(1)SU2 Affected: 10.6(1)SU2ES04 Affected: 11.6(1)ES01 Affected: 10.6(1)SU3ES02 Affected: 11.5(1)SU1ES02 Affected: 11.5(1)SU1ES01 Affected: 11.0(1)SU1ES02 Affected: 12.5(1)_SU03_ES03 Affected: 12.5(1)_SU03_ES04 Affected: 12.5(1)_SU03_ES05 Affected: 12.5(1)_SU03_ES06 |
|
| Cisco | Cisco Unified Intelligence Center |
Affected:
11.6(1)
Affected: 10.5(1) Affected: 11.0(1) Affected: 11.5(1) Affected: 12.0(1) Affected: 12.5(1) Affected: 11.0(2) Affected: 12.6(1) Affected: 12.5(1)SU Affected: 12.6(1)_ET Affected: 12.6(1)_ES05_ET Affected: 11.0(3) Affected: 12.6(2) Affected: 12.6(2)_504_Issue_ET Affected: 12.6.1_ExcelIssue_ET Affected: 12.6(2)_Permalink_ET Affected: 12.6.2_CSCwk19536_ET Affected: 12.6.2_CSCwm96922_ET Affected: 12.6.2_Amq_OOS_ET Affected: 12.5(2)ET_CSCwi79933 Affected: 12.6(2)_ET Affected: 12.6.2_CSCwn48501_ET |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20288",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-18T14:30:07.079145Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-18T14:30:15.794Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES04"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES05"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES06"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Intelligence Center",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "11.0(2)"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.5(1)SU"
},
{
"status": "affected",
"version": "12.6(1)_ET"
},
{
"status": "affected",
"version": "12.6(1)_ES05_ET"
},
{
"status": "affected",
"version": "11.0(3)"
},
{
"status": "affected",
"version": "12.6(2)"
},
{
"status": "affected",
"version": "12.6(2)_504_Issue_ET"
},
{
"status": "affected",
"version": "12.6.1_ExcelIssue_ET"
},
{
"status": "affected",
"version": "12.6(2)_Permalink_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwk19536_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwm96922_ET"
},
{
"status": "affected",
"version": "12.6.2_Amq_OOS_ET"
},
{
"status": "affected",
"version": "12.5(2)ET_CSCwi79933"
},
{
"status": "affected",
"version": "12.6(2)_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwn48501_ET"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a server-side request forgery (SSRF) attack through an affected device.\r\n\r\nThis vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to send arbitrary network requests that are sourced from the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-16T16:16:55.622Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cuis-ssrf-JSuDjeV",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cuis-ssrf-JSuDjeV"
}
],
"source": {
"advisory": "cisco-sa-cuis-ssrf-JSuDjeV",
"defects": [
"CSCwn34672"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Unified Intelligence Center Server-Side Request Forgery Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20288",
"datePublished": "2025-07-16T16:16:55.622Z",
"dateReserved": "2024-10-10T19:15:13.251Z",
"dateUpdated": "2025-07-18T14:30:15.794Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20274 (GCVE-0-2025-20274)
Vulnerability from nvd ā Published: 2025-07-16 16:16 ā Updated: 2026-02-26 17:50
VLAI
Title
Cisco Unified Intelligence Center Arbitrary File Upload Vulnerability
Summary
A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an authenticated, remote attacker to upload arbitrary files to an affected device.
This vulnerability is due to improper validation of files that are uploaded to the web-based management interface. An attacker could exploit this vulnerability by uploading arbitrary files to an affected device. A successful exploit could allow the attacker to store malicious files on the system and execute arbitrary commands on the operating system. The Security Impact Rating (SIR) of this advisory has been raised to High because an attacker could elevate privileges to root. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Report Designer.
Severity
6.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco Unified Contact Center Express |
Affected:
10.6(1)
Affected: 10.5(1)SU1 Affected: 10.6(1)SU3 Affected: 12.0(1) Affected: 10.6(1)SU1 Affected: 11.0(1)SU1 Affected: 11.5(1)SU1 Affected: 10.5(1) Affected: 11.6(1) Affected: 11.6(2) Affected: 12.5(1) Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 Affected: 12.5(1)SU3 Affected: 12.5(1)_SU03_ES01 Affected: 12.5(1)_SU03_ES02 Affected: 12.5(1)_SU02_ES03 Affected: 12.5(1)_SU02_ES04 Affected: 12.5(1)_SU02_ES02 Affected: 12.5(1)_SU01_ES02 Affected: 12.5(1)_SU01_ES03 Affected: 12.5(1)_SU02_ES01 Affected: 11.6(2)ES07 Affected: 11.6(2)ES08 Affected: 12.5(1)_SU01_ES01 Affected: 12.0(1)ES04 Affected: 12.5(1)ES02 Affected: 12.5(1)ES03 Affected: 11.6(2)ES06 Affected: 12.5(1)ES01 Affected: 12.0(1)ES03 Affected: 12.0(1)ES01 Affected: 11.6(2)ES05 Affected: 12.0(1)ES02 Affected: 11.6(2)ES04 Affected: 11.6(2)ES03 Affected: 11.6(2)ES02 Affected: 11.6(2)ES01 Affected: 10.6(1)SU3ES03 Affected: 11.0(1)SU1ES03 Affected: 10.6(1)SU3ES01 Affected: 10.5(1)SU1ES10 Affected: 11.5(1)SU1ES03 Affected: 11.6(1)ES02 Affected: 11.5(1)ES01 Affected: 10.6(1)SU2 Affected: 10.6(1)SU2ES04 Affected: 11.6(1)ES01 Affected: 10.6(1)SU3ES02 Affected: 11.5(1)SU1ES02 Affected: 11.5(1)SU1ES01 Affected: 11.0(1)SU1ES02 Affected: 12.5(1)_SU03_ES03 Affected: 12.5(1)_SU03_ES04 Affected: 12.5(1)_SU03_ES05 Affected: 12.5(1)_SU03_ES06 |
|
| Cisco | Cisco Unified Intelligence Center |
Affected:
11.6(1)
Affected: 10.5(1) Affected: 11.0(1) Affected: 11.5(1) Affected: 12.0(1) Affected: 12.5(1) Affected: 11.0(2) Affected: 12.6(1) Affected: 12.5(1)SU Affected: 12.6(1)_ET Affected: 12.6(1)_ES05_ET Affected: 11.0(3) Affected: 12.6(2) Affected: 12.6(2)_504_Issue_ET Affected: 12.6.1_ExcelIssue_ET Affected: 12.6(2)_Permalink_ET Affected: 12.6.2_CSCwk19536_ET Affected: 12.6.2_CSCwm96922_ET Affected: 12.6.2_Amq_OOS_ET Affected: 12.5(2)ET_CSCwi79933 Affected: 12.6(2)_ET Affected: 12.6.2_CSCwn48501_ET |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20274",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-17T03:55:54.247665Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:50:31.824Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES04"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES05"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES06"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Intelligence Center",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "11.0(2)"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.5(1)SU"
},
{
"status": "affected",
"version": "12.6(1)_ET"
},
{
"status": "affected",
"version": "12.6(1)_ES05_ET"
},
{
"status": "affected",
"version": "11.0(3)"
},
{
"status": "affected",
"version": "12.6(2)"
},
{
"status": "affected",
"version": "12.6(2)_504_Issue_ET"
},
{
"status": "affected",
"version": "12.6.1_ExcelIssue_ET"
},
{
"status": "affected",
"version": "12.6(2)_Permalink_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwk19536_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwm96922_ET"
},
{
"status": "affected",
"version": "12.6.2_Amq_OOS_ET"
},
{
"status": "affected",
"version": "12.5(2)ET_CSCwi79933"
},
{
"status": "affected",
"version": "12.6(2)_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwn48501_ET"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an authenticated, remote attacker to upload arbitrary files to an affected device.\r\n\r\nThis vulnerability is due to improper validation of files that are uploaded to the web-based management interface. An attacker could exploit this vulnerability by uploading arbitrary files to an affected device. A successful exploit could allow the attacker to store malicious files on the system and execute arbitrary commands on the operating system. The Security Impact Rating (SIR) of this advisory has been raised to High because an attacker could elevate privileges to root. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Report Designer."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-16T16:16:28.874Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cuis-file-upload-UhNEtStm",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cuis-file-upload-UhNEtStm"
}
],
"source": {
"advisory": "cisco-sa-cuis-file-upload-UhNEtStm",
"defects": [
"CSCwn18794"
],
"discovery": "INTERNAL"
},
"title": "Cisco Unified Intelligence Center Arbitrary File Upload Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20274",
"datePublished": "2025-07-16T16:16:28.874Z",
"dateReserved": "2024-10-10T19:15:13.246Z",
"dateUpdated": "2026-02-26T17:50:31.824Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20279 (GCVE-0-2025-20279)
Vulnerability from nvd ā Published: 2025-06-04 16:18 ā Updated: 2025-06-04 18:19
VLAI
Title
Cisco Unifed Contact Center Express Stored Cross-Site Scripting Vulnerability
Summary
A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, remote attacker to conduct a stored XSS attack on an affected system. To exploit this vulnerability, the attacker must have valid administrative credentials.
This vulnerability is due to improper sanitization of user input to the web-based management interface. An attacker could exploit this vulnerability by submitting a malicious script through the interface. A successful exploit could allow the attacker to conduct a stored XSS attack on the affected system.
Severity
4.8 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco Unified Contact Center Express |
Affected:
10.6(1)
Affected: 10.5(1)SU1 Affected: 10.6(1)SU3 Affected: 12.0(1) Affected: 10.0(1)SU1 Affected: 10.6(1)SU1 Affected: 11.0(1)SU1 Affected: 11.5(1)SU1 Affected: 10.5(1) Affected: 11.6(1) Affected: 11.6(2) Affected: 12.5(1) Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 Affected: 12.5(1)SU3 Affected: 12.5(1)_SU03_ES01 Affected: 12.5(1)_SU03_ES02 Affected: 12.5(1)_SU02_ES03 Affected: 12.5(1)_SU02_ES04 Affected: 12.5(1)_SU02_ES02 Affected: 12.5(1)_SU01_ES02 Affected: 12.5(1)_SU01_ES03 Affected: 12.5(1)_SU02_ES01 Affected: 11.6(2)ES07 Affected: 11.6(2)ES08 Affected: 12.5(1)_SU01_ES01 Affected: 12.0(1)ES04 Affected: 12.5(1)ES02 Affected: 12.5(1)ES03 Affected: 11.6(2)ES06 Affected: 12.5(1)ES01 Affected: 12.0(1)ES03 Affected: 12.0(1)ES01 Affected: 11.6(2)ES05 Affected: 12.0(1)ES02 Affected: 11.6(2)ES04 Affected: 11.6(2)ES03 Affected: 11.6(2)ES02 Affected: 11.6(2)ES01 Affected: 10.6(1)SU3ES03 Affected: 11.0(1)SU1ES03 Affected: 10.6(1)SU3ES01 Affected: 10.5(1)SU1ES10 Affected: 10.0(1)SU1ES04 Affected: 11.5(1)SU1ES03 Affected: 11.6(1)ES02 Affected: 11.5(1)ES01 Affected: 9.0(2)SU3ES04 Affected: 10.6(1)SU2 Affected: 10.6(1)SU2ES04 Affected: 11.6(1)ES01 Affected: 10.6(1)SU3ES02 Affected: 11.5(1)SU1ES02 Affected: 11.5(1)SU1ES01 Affected: 8.5(1) Affected: 11.0(1)SU1ES02 Affected: 12.5(1)_SU03_ES03 Affected: 12.5(1)_SU03_ES04 Affected: 12.5(1)_SU03_ES05 Affected: 12.5(1)_SU03_ES06 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20279",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-04T18:12:43.136839Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T18:19:30.697Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "10.0(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES04"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "10.0(1)SU1ES04"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "9.0(2)SU3ES04"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "8.5(1)"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES05"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES06"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, remote attacker to conduct a stored XSS attack on an affected system. To exploit this vulnerability, the attacker must have valid administrative credentials.\r\n\r\nThis vulnerability is due to improper sanitization of user input to the web-based management interface. An attacker could exploit this vulnerability by submitting a malicious script through the interface. A successful exploit could allow the attacker to conduct a stored XSS attack on the affected system."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T16:18:20.643Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-uccx-multi-UhOTvPGL",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-uccx-multi-UhOTvPGL"
}
],
"source": {
"advisory": "cisco-sa-uccx-multi-UhOTvPGL",
"defects": [
"CSCwk24130"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Unifed Contact Center Express Stored Cross-Site Scripting Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20279",
"datePublished": "2025-06-04T16:18:20.643Z",
"dateReserved": "2024-10-10T19:15:13.246Z",
"dateUpdated": "2025-06-04T18:19:30.697Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20278 (GCVE-0-2025-20278)
Vulnerability from nvd ā Published: 2025-06-04 16:18 ā Updated: 2026-02-26 17:51
VLAI
Title
Cisco Unified Communications Products Command Injection Vulnerability
Summary
A vulnerability in the CLI of multiple Cisco Unified Communications products could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user.
This vulnerability is due to improper validation of user-supplied command arguments. An attacker could exploit this vulnerability by executing crafted commands on the CLI of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user. To exploit this vulnerability, the attacker must have valid administrative credentials.
Severity
6 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
1 reference
Impacted products
8 products
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco Finesse |
Affected:
11.0(1)ES_Rollback
Affected: 10.5(1)ES4 Affected: 11.6(1)ES3 Affected: 11.0(1)ES2 Affected: 12.0(1)ES2 Affected: 10.5(1)ES3 Affected: 11.0(1) Affected: 11.6(1)FIPS Affected: 11.6(1)ES4 Affected: 11.0(1)ES3 Affected: 10.5(1)ES6 Affected: 11.0(1)ES7 Affected: 11.5(1)ES4 Affected: 10.5(1)ES8 Affected: 11.5(1) Affected: 11.6(1) Affected: 10.5(1)ES10 Affected: 11.6(1)ES2 Affected: 11.6(1)ES Affected: 11.0(1)ES6 Affected: 11.0(1)ES4 Affected: 12.0(1) Affected: 11.6(1)ES7 Affected: 10.5(1)ES7 Affected: 11.6(1)ES8 Affected: 11.5(1)ES1 Affected: 11.6(1)ES1 Affected: 11.5(1)ES5 Affected: 11.0(1)ES1 Affected: 10.5(1) Affected: 11.6(1)ES6 Affected: 10.5(1)ES2 Affected: 12.0(1)ES1 Affected: 11.0(1)ES5 Affected: 10.5(1)ES5 Affected: 11.5(1)ES3 Affected: 11.5(1)ES2 Affected: 10.5(1)ES9 Affected: 11.6(1)ES5 Affected: 11.6(1)ES9 Affected: 11.5(1)ES6 Affected: 10.5(1)ES1 Affected: 12.5(1) Affected: 12.0(1)ES3 Affected: 11.6(1)ES10 Affected: 12.5(1)ES1 Affected: 12.5(1)ES2 Affected: 12.0(1)ES4 Affected: 12.5(1)ES3 Affected: 12.0(1)ES5 Affected: 12.5(1)ES4 Affected: 12.0(1)ES6 Affected: 12.5(1)ES5 Affected: 12.5(1)ES6 Affected: 12.0(1)ES7 Affected: 12.6(1) Affected: 12.5(1)ES7 Affected: 11.6(1)ES11 Affected: 12.6(1)ES1 Affected: 12.0(1)ES8 Affected: 12.5(1)ES8 Affected: 12.6(1)ES2 Affected: 12.6(1)ES3 Affected: 12.6(1)ES4 Affected: 12.6(1)ES5 Affected: 12.5(2) Affected: 12.5(1)_SU Affected: 12.5(1)SU Affected: 12.6(1)ES6 Affected: 12.5(1)SU ES1 Affected: 12.6(1)ES7 Affected: 12.6(1)ES7_ET Affected: 12.6(2) Affected: 12.6(1)ES8 Affected: 12.6(1)ES9 Affected: 12.6(2)ES1 Affected: 12.6(1)ES10 Affected: 12.5(1)SU ES2 Affected: 12.6(1)ES11 Affected: 12.6(2)ES2 Affected: 12.6(2)ES3 Affected: 12.5(1)SU ES3 Affected: 12.6(2)ES4 Affected: 12.6(2)ES5 |
|
| Cisco | Cisco SocialMiner |
Affected:
12.5(1)ES01
Affected: 10.5(1) Affected: 11.6(1) Affected: 10.6(1) Affected: 12.0(1)ES04 Affected: 10.6(2) Affected: 12.5(1) Affected: 11.6(2) Affected: 12.0(1) Affected: 12.0(1)ES02 Affected: 11.0(1) Affected: 11.5(1) Affected: 11.5(1)SU1 Affected: 12.0(1)ES03 Affected: 12.5(1)SU3 Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 |
|
| Cisco | Cisco Unified Communications Manager |
Affected:
12.5(1)SU2
Affected: 12.5(1)SU1 Affected: 12.5(1) Affected: 12.5(1)SU3 Affected: 12.5(1)SU4 Affected: 14 Affected: 12.5(1)SU5 Affected: 14SU1 Affected: 12.5(1)SU6 Affected: 14SU2 Affected: 12.5(1)SU7 Affected: 12.5(1)SU7a Affected: 14SU3 Affected: 12.5(1)SU8 Affected: 12.5(1)SU8a Affected: 15 Affected: 15SU1 Affected: 14SU4 Affected: 14SU4a Affected: 15SU1a Affected: 12.5(1)SU9 |
|
| Cisco | Cisco Unified Communications Manager IM and Presence Service |
Affected:
12.5(1)
Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 Affected: 12.5(1)SU3 Affected: 12.5(1)SU4 Affected: 14 Affected: 12.5(1)SU5 Affected: 14SU1 Affected: 12.5(1)SU6 Affected: 14SU2 Affected: 14SU2a Affected: 12.5(1)SU7 Affected: 14SU3 Affected: 12.5(1)SU8 Affected: 15 Affected: Recovery ISO Affected: 15SU1 Affected: 14SU4 Affected: 12.5(1)SU9 |
|
| Cisco | Cisco Unified Contact Center Express |
Affected:
10.6(1)
Affected: 10.5(1)SU1 Affected: 10.6(1)SU3 Affected: 12.0(1) Affected: 10.0(1)SU1 Affected: 10.6(1)SU1 Affected: 11.0(1)SU1 Affected: 11.5(1)SU1 Affected: 10.5(1) Affected: 11.6(1) Affected: 11.6(2) Affected: 12.5(1) Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 Affected: 12.5(1)SU3 Affected: 12.5(1)_SU03_ES01 Affected: 12.5(1)_SU03_ES02 Affected: 12.5(1)_SU02_ES03 Affected: 12.5(1)_SU02_ES04 Affected: 12.5(1)_SU02_ES02 Affected: 12.5(1)_SU01_ES02 Affected: 12.5(1)_SU01_ES03 Affected: 12.5(1)_SU02_ES01 Affected: 11.6(2)ES07 Affected: 11.6(2)ES08 Affected: 12.5(1)_SU01_ES01 Affected: 12.0(1)ES04 Affected: 12.5(1)ES02 Affected: 12.5(1)ES03 Affected: 11.6(2)ES06 Affected: 12.5(1)ES01 Affected: 12.0(1)ES03 Affected: 12.0(1)ES01 Affected: 11.6(2)ES05 Affected: 12.0(1)ES02 Affected: 11.6(2)ES04 Affected: 11.6(2)ES03 Affected: 11.6(2)ES02 Affected: 11.6(2)ES01 Affected: 10.6(1)SU3ES03 Affected: 11.0(1)SU1ES03 Affected: 10.6(1)SU3ES01 Affected: 10.5(1)SU1ES10 Affected: 10.0(1)SU1ES04 Affected: 11.5(1)SU1ES03 Affected: 11.6(1)ES02 Affected: 11.5(1)ES01 Affected: 9.0(2)SU3ES04 Affected: 10.6(1)SU2 Affected: 10.6(1)SU2ES04 Affected: 11.6(1)ES01 Affected: 10.6(1)SU3ES02 Affected: 11.5(1)SU1ES02 Affected: 11.5(1)SU1ES01 Affected: 8.5(1) Affected: 11.0(1)SU1ES02 Affected: 12.5(1)_SU03_ES03 Affected: 12.5(1)_SU03_ES04 Affected: 12.5(1)_SU03_ES05 Affected: 12.5(1)_SU03_ES06 |
|
| Cisco | Cisco Unified Intelligence Center |
Affected:
11.6(1)
Affected: 10.5(1) Affected: 11.0(1) Affected: 11.5(1) Affected: 12.0(1) Affected: 12.5(1) Affected: 11.0(2) Affected: 12.6(1) Affected: 12.5(1)SU Affected: 12.6(1)_ET Affected: 12.6(1)_ES05_ET Affected: 11.0(3) Affected: 12.6(2) Affected: 12.6(2)_504_Issue_ET Affected: 12.6.1_ExcelIssue_ET Affected: 12.6(2)_Permalink_ET Affected: 12.6.2_CSCwk19536_ET Affected: 12.6.2_CSCwm96922_ET Affected: 12.6.2_Amq_OOS_ET Affected: 12.5(2)ET_CSCwi79933 Affected: 12.6(2)_ET Affected: 12.6.2_CSCwn48501_ET |
|
| Cisco | Cisco Unity Connection |
Affected:
12.5(1)
Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 Affected: 12.5(1)SU3 Affected: 12.5(1)SU4 Affected: 14 Affected: 12.5(1)SU5 Affected: 14SU1 Affected: 12.5(1)SU6 Affected: 14SU2 Affected: 12.5(1)SU7 Affected: 14SU3 Affected: 12.5(1)SU8 Affected: 14SU3a Affected: 12.5(1)SU8a Affected: 15 Affected: 15SU1 Affected: 14SU4 Affected: 12.5(1)SU9 |
|
| Cisco | Cisco Virtualized Voice Browser |
Affected:
11.0(1)
Affected: 11.6(1)_ES84 Affected: 11.5(1)_ES54 Affected: 11.5(1)_ES27 Affected: 11.5(1) Affected: 11.5(1)ES36 Affected: 12.0(1)_ES01 Affected: 11.6(1)_ES85 Affected: 12.5(1)_ES05 Affected: 11.5(1)_ES32 Affected: 11.6(1)_ES83 Affected: 11.5(1)_ES29 Affected: 12.0(1)_ES06 Affected: 12.5(1) Affected: 12.0(1)_ES07 Affected: 11.6(1)_ES80 Affected: 12.0(1)_ES05 Affected: 11.5(1)_ES36 Affected: 11.5(1)_ES53 Affected: 12.5(1)_ES08 Affected: 11.5(1)ES43 Affected: 12.0(1)_ES03 Affected: 11.6(1)_ES86 Affected: 12.0(1)_ES04 Affected: 11.5(1)ES27 Affected: 12.5(1)_ES03 Affected: 11.6(1)_ES88 Affected: 12.5(1)_ES06 Affected: 11.6(1)_ES82 Affected: 11.6(1) Affected: 11.5(1)ES29 Affected: 12.5(1)_ES04 Affected: 12.5(1)_ES07 Affected: 11.6(1)_ES87 Affected: 11.6(1)_ES81 Affected: 12.0(1) Affected: 11.6(1)_ES22 Affected: 11.5(1)_ES43 Affected: 11.5(1)ES32 Affected: 12.0(1)_ES02 Affected: 12.5(1)_ES02 Affected: 12.6(1) Affected: 12.5(1)_ES09 Affected: 12.6(1)_ES01 Affected: 12.0(1)_ES08 Affected: 12.5(1)_ES10 Affected: 12.6(1)_ES02 Affected: 12.5(1)_ES11 Affected: 12.5(1)_ES12 Affected: 12.6(1)_ES03 Affected: 12.5(1)_ES13 Affected: 12.5(1)_ES14 Affected: 12.6(1)_ES04 Affected: 12.6(1)_ES05 Affected: 12.5(1)_ES15 Affected: 12.6(1)_ES06 Affected: 12.6(1)_ET Affected: 12.5(1)_ES16 Affected: 12.5(1)SU Affected: 12.5(1)_SU Affected: 12.5(1)_SU_ES01 Affected: 12.6(1)_ES07 Affected: 12.6(2) Affected: 12.5(1)_ES17 Affected: 12.6(1)_ES08 Affected: 12.6(1)_ES09 Affected: 12.6(1)_ES10 Affected: 12.5(1)_SU_ES02 Affected: 12.6(2)_ES01 Affected: 12.6(2)_ET01 Affected: 12.5(2)_ET Affected: 12.6(2)_ES02 Affected: 12.6(2)_ET_Streaming Affected: 12.6(2)ET_Transcribe Affected: 12.6(2)_ES03 Affected: 12.6(2)ET_NuanceMix Affected: 12.6(2)ET_FileUpload Affected: 12.6(2)_ET02 Affected: 12.6(2)_ES04 Affected: 12.6.2ET_RTPfallback Affected: 12.6.2ET_CSCwf55306 Affected: 12.6.2_ET_CSCwj36712 Affected: 12.5.2 ET-CSCwj33374 Affected: 12.5(1) SU ET Affected: 12.6(2)ET_CSCwj87296 Affected: 12.6(2)_ES05 Affected: 12.5.2_ET_CSCvz27014 Affected: 12.6(2)_ET Affected: 12.6.2-ET Affected: 12.6(2)ET_CSCwk83135 Affected: 12.6.2_ET_CX_ALAW Affected: 12.6.2-ET01-SSL Affected: 12.6(2)_ES06 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20278",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-06T03:55:33.465322Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:51:08.371Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Finesse",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "11.0(1)ES_Rollback"
},
{
"status": "affected",
"version": "10.5(1)ES4"
},
{
"status": "affected",
"version": "11.6(1)ES3"
},
{
"status": "affected",
"version": "11.0(1)ES2"
},
{
"status": "affected",
"version": "12.0(1)ES2"
},
{
"status": "affected",
"version": "10.5(1)ES3"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.6(1)FIPS"
},
{
"status": "affected",
"version": "11.6(1)ES4"
},
{
"status": "affected",
"version": "11.0(1)ES3"
},
{
"status": "affected",
"version": "10.5(1)ES6"
},
{
"status": "affected",
"version": "11.0(1)ES7"
},
{
"status": "affected",
"version": "11.5(1)ES4"
},
{
"status": "affected",
"version": "10.5(1)ES8"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.5(1)ES10"
},
{
"status": "affected",
"version": "11.6(1)ES2"
},
{
"status": "affected",
"version": "11.6(1)ES"
},
{
"status": "affected",
"version": "11.0(1)ES6"
},
{
"status": "affected",
"version": "11.0(1)ES4"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "11.6(1)ES7"
},
{
"status": "affected",
"version": "10.5(1)ES7"
},
{
"status": "affected",
"version": "11.6(1)ES8"
},
{
"status": "affected",
"version": "11.5(1)ES1"
},
{
"status": "affected",
"version": "11.6(1)ES1"
},
{
"status": "affected",
"version": "11.5(1)ES5"
},
{
"status": "affected",
"version": "11.0(1)ES1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.6(1)ES6"
},
{
"status": "affected",
"version": "10.5(1)ES2"
},
{
"status": "affected",
"version": "12.0(1)ES1"
},
{
"status": "affected",
"version": "11.0(1)ES5"
},
{
"status": "affected",
"version": "10.5(1)ES5"
},
{
"status": "affected",
"version": "11.5(1)ES3"
},
{
"status": "affected",
"version": "11.5(1)ES2"
},
{
"status": "affected",
"version": "10.5(1)ES9"
},
{
"status": "affected",
"version": "11.6(1)ES5"
},
{
"status": "affected",
"version": "11.6(1)ES9"
},
{
"status": "affected",
"version": "11.5(1)ES6"
},
{
"status": "affected",
"version": "10.5(1)ES1"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.0(1)ES3"
},
{
"status": "affected",
"version": "11.6(1)ES10"
},
{
"status": "affected",
"version": "12.5(1)ES1"
},
{
"status": "affected",
"version": "12.5(1)ES2"
},
{
"status": "affected",
"version": "12.0(1)ES4"
},
{
"status": "affected",
"version": "12.5(1)ES3"
},
{
"status": "affected",
"version": "12.0(1)ES5"
},
{
"status": "affected",
"version": "12.5(1)ES4"
},
{
"status": "affected",
"version": "12.0(1)ES6"
},
{
"status": "affected",
"version": "12.5(1)ES5"
},
{
"status": "affected",
"version": "12.5(1)ES6"
},
{
"status": "affected",
"version": "12.0(1)ES7"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.5(1)ES7"
},
{
"status": "affected",
"version": "11.6(1)ES11"
},
{
"status": "affected",
"version": "12.6(1)ES1"
},
{
"status": "affected",
"version": "12.0(1)ES8"
},
{
"status": "affected",
"version": "12.5(1)ES8"
},
{
"status": "affected",
"version": "12.6(1)ES2"
},
{
"status": "affected",
"version": "12.6(1)ES3"
},
{
"status": "affected",
"version": "12.6(1)ES4"
},
{
"status": "affected",
"version": "12.6(1)ES5"
},
{
"status": "affected",
"version": "12.5(2)"
},
{
"status": "affected",
"version": "12.5(1)_SU"
},
{
"status": "affected",
"version": "12.5(1)SU"
},
{
"status": "affected",
"version": "12.6(1)ES6"
},
{
"status": "affected",
"version": "12.5(1)SU ES1"
},
{
"status": "affected",
"version": "12.6(1)ES7"
},
{
"status": "affected",
"version": "12.6(1)ES7_ET"
},
{
"status": "affected",
"version": "12.6(2)"
},
{
"status": "affected",
"version": "12.6(1)ES8"
},
{
"status": "affected",
"version": "12.6(1)ES9"
},
{
"status": "affected",
"version": "12.6(2)ES1"
},
{
"status": "affected",
"version": "12.6(1)ES10"
},
{
"status": "affected",
"version": "12.5(1)SU ES2"
},
{
"status": "affected",
"version": "12.6(1)ES11"
},
{
"status": "affected",
"version": "12.6(2)ES2"
},
{
"status": "affected",
"version": "12.6(2)ES3"
},
{
"status": "affected",
"version": "12.5(1)SU ES3"
},
{
"status": "affected",
"version": "12.6(2)ES4"
},
{
"status": "affected",
"version": "12.6(2)ES5"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco SocialMiner",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "10.6(2)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Communications Manager",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)SU4"
},
{
"status": "affected",
"version": "14"
},
{
"status": "affected",
"version": "12.5(1)SU5"
},
{
"status": "affected",
"version": "14SU1"
},
{
"status": "affected",
"version": "12.5(1)SU6"
},
{
"status": "affected",
"version": "14SU2"
},
{
"status": "affected",
"version": "12.5(1)SU7"
},
{
"status": "affected",
"version": "12.5(1)SU7a"
},
{
"status": "affected",
"version": "14SU3"
},
{
"status": "affected",
"version": "12.5(1)SU8"
},
{
"status": "affected",
"version": "12.5(1)SU8a"
},
{
"status": "affected",
"version": "15"
},
{
"status": "affected",
"version": "15SU1"
},
{
"status": "affected",
"version": "14SU4"
},
{
"status": "affected",
"version": "14SU4a"
},
{
"status": "affected",
"version": "15SU1a"
},
{
"status": "affected",
"version": "12.5(1)SU9"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Communications Manager IM and Presence Service",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)SU4"
},
{
"status": "affected",
"version": "14"
},
{
"status": "affected",
"version": "12.5(1)SU5"
},
{
"status": "affected",
"version": "14SU1"
},
{
"status": "affected",
"version": "12.5(1)SU6"
},
{
"status": "affected",
"version": "14SU2"
},
{
"status": "affected",
"version": "14SU2a"
},
{
"status": "affected",
"version": "12.5(1)SU7"
},
{
"status": "affected",
"version": "14SU3"
},
{
"status": "affected",
"version": "12.5(1)SU8"
},
{
"status": "affected",
"version": "15"
},
{
"status": "affected",
"version": "Recovery ISO"
},
{
"status": "affected",
"version": "15SU1"
},
{
"status": "affected",
"version": "14SU4"
},
{
"status": "affected",
"version": "12.5(1)SU9"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "10.0(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES04"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "10.0(1)SU1ES04"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "9.0(2)SU3ES04"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "8.5(1)"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES05"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES06"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Intelligence Center",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "11.0(2)"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.5(1)SU"
},
{
"status": "affected",
"version": "12.6(1)_ET"
},
{
"status": "affected",
"version": "12.6(1)_ES05_ET"
},
{
"status": "affected",
"version": "11.0(3)"
},
{
"status": "affected",
"version": "12.6(2)"
},
{
"status": "affected",
"version": "12.6(2)_504_Issue_ET"
},
{
"status": "affected",
"version": "12.6.1_ExcelIssue_ET"
},
{
"status": "affected",
"version": "12.6(2)_Permalink_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwk19536_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwm96922_ET"
},
{
"status": "affected",
"version": "12.6.2_Amq_OOS_ET"
},
{
"status": "affected",
"version": "12.5(2)ET_CSCwi79933"
},
{
"status": "affected",
"version": "12.6(2)_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwn48501_ET"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unity Connection",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)SU4"
},
{
"status": "affected",
"version": "14"
},
{
"status": "affected",
"version": "12.5(1)SU5"
},
{
"status": "affected",
"version": "14SU1"
},
{
"status": "affected",
"version": "12.5(1)SU6"
},
{
"status": "affected",
"version": "14SU2"
},
{
"status": "affected",
"version": "12.5(1)SU7"
},
{
"status": "affected",
"version": "14SU3"
},
{
"status": "affected",
"version": "12.5(1)SU8"
},
{
"status": "affected",
"version": "14SU3a"
},
{
"status": "affected",
"version": "12.5(1)SU8a"
},
{
"status": "affected",
"version": "15"
},
{
"status": "affected",
"version": "15SU1"
},
{
"status": "affected",
"version": "14SU4"
},
{
"status": "affected",
"version": "12.5(1)SU9"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Virtualized Voice Browser",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.6(1)_ES84"
},
{
"status": "affected",
"version": "11.5(1)_ES54"
},
{
"status": "affected",
"version": "11.5(1)_ES27"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "11.5(1)ES36"
},
{
"status": "affected",
"version": "12.0(1)_ES01"
},
{
"status": "affected",
"version": "11.6(1)_ES85"
},
{
"status": "affected",
"version": "12.5(1)_ES05"
},
{
"status": "affected",
"version": "11.5(1)_ES32"
},
{
"status": "affected",
"version": "11.6(1)_ES83"
},
{
"status": "affected",
"version": "11.5(1)_ES29"
},
{
"status": "affected",
"version": "12.0(1)_ES06"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.0(1)_ES07"
},
{
"status": "affected",
"version": "11.6(1)_ES80"
},
{
"status": "affected",
"version": "12.0(1)_ES05"
},
{
"status": "affected",
"version": "11.5(1)_ES36"
},
{
"status": "affected",
"version": "11.5(1)_ES53"
},
{
"status": "affected",
"version": "12.5(1)_ES08"
},
{
"status": "affected",
"version": "11.5(1)ES43"
},
{
"status": "affected",
"version": "12.0(1)_ES03"
},
{
"status": "affected",
"version": "11.6(1)_ES86"
},
{
"status": "affected",
"version": "12.0(1)_ES04"
},
{
"status": "affected",
"version": "11.5(1)ES27"
},
{
"status": "affected",
"version": "12.5(1)_ES03"
},
{
"status": "affected",
"version": "11.6(1)_ES88"
},
{
"status": "affected",
"version": "12.5(1)_ES06"
},
{
"status": "affected",
"version": "11.6(1)_ES82"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "11.5(1)ES29"
},
{
"status": "affected",
"version": "12.5(1)_ES04"
},
{
"status": "affected",
"version": "12.5(1)_ES07"
},
{
"status": "affected",
"version": "11.6(1)_ES87"
},
{
"status": "affected",
"version": "11.6(1)_ES81"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "11.6(1)_ES22"
},
{
"status": "affected",
"version": "11.5(1)_ES43"
},
{
"status": "affected",
"version": "11.5(1)ES32"
},
{
"status": "affected",
"version": "12.0(1)_ES02"
},
{
"status": "affected",
"version": "12.5(1)_ES02"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.5(1)_ES09"
},
{
"status": "affected",
"version": "12.6(1)_ES01"
},
{
"status": "affected",
"version": "12.0(1)_ES08"
},
{
"status": "affected",
"version": "12.5(1)_ES10"
},
{
"status": "affected",
"version": "12.6(1)_ES02"
},
{
"status": "affected",
"version": "12.5(1)_ES11"
},
{
"status": "affected",
"version": "12.5(1)_ES12"
},
{
"status": "affected",
"version": "12.6(1)_ES03"
},
{
"status": "affected",
"version": "12.5(1)_ES13"
},
{
"status": "affected",
"version": "12.5(1)_ES14"
},
{
"status": "affected",
"version": "12.6(1)_ES04"
},
{
"status": "affected",
"version": "12.6(1)_ES05"
},
{
"status": "affected",
"version": "12.5(1)_ES15"
},
{
"status": "affected",
"version": "12.6(1)_ES06"
},
{
"status": "affected",
"version": "12.6(1)_ET"
},
{
"status": "affected",
"version": "12.5(1)_ES16"
},
{
"status": "affected",
"version": "12.5(1)SU"
},
{
"status": "affected",
"version": "12.5(1)_SU"
},
{
"status": "affected",
"version": "12.5(1)_SU_ES01"
},
{
"status": "affected",
"version": "12.6(1)_ES07"
},
{
"status": "affected",
"version": "12.6(2)"
},
{
"status": "affected",
"version": "12.5(1)_ES17"
},
{
"status": "affected",
"version": "12.6(1)_ES08"
},
{
"status": "affected",
"version": "12.6(1)_ES09"
},
{
"status": "affected",
"version": "12.6(1)_ES10"
},
{
"status": "affected",
"version": "12.5(1)_SU_ES02"
},
{
"status": "affected",
"version": "12.6(2)_ES01"
},
{
"status": "affected",
"version": "12.6(2)_ET01"
},
{
"status": "affected",
"version": "12.5(2)_ET"
},
{
"status": "affected",
"version": "12.6(2)_ES02"
},
{
"status": "affected",
"version": "12.6(2)_ET_Streaming"
},
{
"status": "affected",
"version": "12.6(2)ET_Transcribe"
},
{
"status": "affected",
"version": "12.6(2)_ES03"
},
{
"status": "affected",
"version": "12.6(2)ET_NuanceMix"
},
{
"status": "affected",
"version": "12.6(2)ET_FileUpload"
},
{
"status": "affected",
"version": "12.6(2)_ET02"
},
{
"status": "affected",
"version": "12.6(2)_ES04"
},
{
"status": "affected",
"version": "12.6.2ET_RTPfallback"
},
{
"status": "affected",
"version": "12.6.2ET_CSCwf55306"
},
{
"status": "affected",
"version": "12.6.2_ET_CSCwj36712"
},
{
"status": "affected",
"version": "12.5.2 ET-CSCwj33374"
},
{
"status": "affected",
"version": "12.5(1) SU ET"
},
{
"status": "affected",
"version": "12.6(2)ET_CSCwj87296"
},
{
"status": "affected",
"version": "12.6(2)_ES05"
},
{
"status": "affected",
"version": "12.5.2_ET_CSCvz27014"
},
{
"status": "affected",
"version": "12.6(2)_ET"
},
{
"status": "affected",
"version": "12.6.2-ET"
},
{
"status": "affected",
"version": "12.6(2)ET_CSCwk83135"
},
{
"status": "affected",
"version": "12.6.2_ET_CX_ALAW"
},
{
"status": "affected",
"version": "12.6.2-ET01-SSL"
},
{
"status": "affected",
"version": "12.6(2)_ES06"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of multiple Cisco Unified Communications products could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user.\r\n\r\nThis vulnerability is due to improper validation of user-supplied command arguments. An attacker could exploit this vulnerability by executing crafted commands on the CLI of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user. To exploit this vulnerability, the attacker must have valid administrative credentials."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T16:18:20.661Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-vos-command-inject-65s2UCYy",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vos-command-inject-65s2UCYy"
}
],
"source": {
"advisory": "cisco-sa-vos-command-inject-65s2UCYy",
"defects": [
"CSCwk24029"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Unified Communications Products Command Injection Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20278",
"datePublished": "2025-06-04T16:18:20.661Z",
"dateReserved": "2024-10-10T19:15:13.246Z",
"dateUpdated": "2026-02-26T17:51:08.371Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20277 (GCVE-0-2025-20277)
Vulnerability from nvd ā Published: 2025-06-04 16:18 ā Updated: 2026-02-26 18:27
VLAI
Title
Cisco Unified Contact Center Express Path Traversal Vulnerability
Summary
A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, local attacker to execute arbitrary code on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials.
This vulnerability is due to improper limitation of a pathname to a restricted directory (path traversal). An attacker could exploit this vulnerability by sending a crafted web request to an affected device, followed by a specific command through an SSH session. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of an affected device as a low-privilege user. A successful exploit could also allow the attacker to undertake further actions to elevate their privileges to root.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco Unified Contact Center Express |
Affected:
10.6(1)
Affected: 10.5(1)SU1 Affected: 10.6(1)SU3 Affected: 12.0(1) Affected: 10.0(1)SU1 Affected: 10.6(1)SU1 Affected: 11.0(1)SU1 Affected: 11.5(1)SU1 Affected: 10.5(1) Affected: 11.6(1) Affected: 11.6(2) Affected: 12.5(1) Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 Affected: 12.5(1)SU3 Affected: 12.5(1)_SU03_ES01 Affected: 12.5(1)_SU03_ES02 Affected: 12.5(1)_SU02_ES03 Affected: 12.5(1)_SU02_ES04 Affected: 12.5(1)_SU02_ES02 Affected: 12.5(1)_SU01_ES02 Affected: 12.5(1)_SU01_ES03 Affected: 12.5(1)_SU02_ES01 Affected: 11.6(2)ES07 Affected: 11.6(2)ES08 Affected: 12.5(1)_SU01_ES01 Affected: 12.0(1)ES04 Affected: 12.5(1)ES02 Affected: 12.5(1)ES03 Affected: 11.6(2)ES06 Affected: 12.5(1)ES01 Affected: 12.0(1)ES03 Affected: 12.0(1)ES01 Affected: 11.6(2)ES05 Affected: 12.0(1)ES02 Affected: 11.6(2)ES04 Affected: 11.6(2)ES03 Affected: 11.6(2)ES02 Affected: 11.6(2)ES01 Affected: 10.6(1)SU3ES03 Affected: 11.0(1)SU1ES03 Affected: 10.6(1)SU3ES01 Affected: 10.5(1)SU1ES10 Affected: 10.0(1)SU1ES04 Affected: 11.5(1)SU1ES03 Affected: 11.6(1)ES02 Affected: 11.5(1)ES01 Affected: 9.0(2)SU3ES04 Affected: 10.6(1)SU2 Affected: 10.6(1)SU2ES04 Affected: 11.6(1)ES01 Affected: 10.6(1)SU3ES02 Affected: 11.5(1)SU1ES02 Affected: 11.5(1)SU1ES01 Affected: 8.5(1) Affected: 11.0(1)SU1ES02 Affected: 12.5(1)_SU03_ES03 Affected: 12.5(1)_SU03_ES04 Affected: 12.5(1)_SU03_ES05 Affected: 12.5(1)_SU03_ES06 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20277",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-05T03:55:23.589420Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T18:27:35.377Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "10.0(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES04"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "10.0(1)SU1ES04"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "9.0(2)SU3ES04"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "8.5(1)"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES05"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES06"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, local attacker to execute arbitrary code on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials.\r\n\r\nThis vulnerability is due to improper limitation of a pathname to a restricted directory (path traversal). An attacker could exploit this vulnerability by sending a crafted web request to an affected device, followed by a specific command through an SSH session. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of an affected device as a low-privilege user. A successful exploit could also allow the attacker to undertake further actions to elevate their privileges to root."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.4,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T16:18:12.612Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-uccx-multi-UhOTvPGL",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-uccx-multi-UhOTvPGL"
}
],
"source": {
"advisory": "cisco-sa-uccx-multi-UhOTvPGL",
"defects": [
"CSCwk24068"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Unified Contact Center Express Path Traversal Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20277",
"datePublished": "2025-06-04T16:18:12.612Z",
"dateReserved": "2024-10-10T19:15:13.246Z",
"dateUpdated": "2026-02-26T18:27:35.377Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20276 (GCVE-0-2025-20276)
Vulnerability from nvd ā Published: 2025-06-04 16:18 ā Updated: 2026-02-26 18:27
VLAI
Title
Cisco Unified Contact Center Express Remote Code Execution Vulnerability
Summary
A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, remote attacker to execute arbitrary code on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials.
This vulnerability is due to insecure deserialization of Java objects by the affected software. An attacker could exploit this vulnerability by sending a crafted Java object to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of an affected device as a low-privilege user. A successful exploit could also allow the attacker to undertake further actions to elevate their privileges to root.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco Unified Contact Center Express |
Affected:
10.6(1)
Affected: 10.5(1)SU1 Affected: 10.6(1)SU3 Affected: 12.0(1) Affected: 10.0(1)SU1 Affected: 10.6(1)SU1 Affected: 11.0(1)SU1 Affected: 11.5(1)SU1 Affected: 10.5(1) Affected: 11.6(1) Affected: 11.6(2) Affected: 12.5(1) Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 Affected: 12.5(1)SU3 Affected: 12.5(1)_SU03_ES01 Affected: 12.5(1)_SU03_ES02 Affected: 12.5(1)_SU02_ES03 Affected: 12.5(1)_SU02_ES04 Affected: 12.5(1)_SU02_ES02 Affected: 12.5(1)_SU01_ES02 Affected: 12.5(1)_SU01_ES03 Affected: 12.5(1)_SU02_ES01 Affected: 11.6(2)ES07 Affected: 11.6(2)ES08 Affected: 12.5(1)_SU01_ES01 Affected: 12.0(1)ES04 Affected: 12.5(1)ES02 Affected: 12.5(1)ES03 Affected: 11.6(2)ES06 Affected: 12.5(1)ES01 Affected: 12.0(1)ES03 Affected: 12.0(1)ES01 Affected: 11.6(2)ES05 Affected: 12.0(1)ES02 Affected: 11.6(2)ES04 Affected: 11.6(2)ES03 Affected: 11.6(2)ES02 Affected: 11.6(2)ES01 Affected: 10.6(1)SU3ES03 Affected: 11.0(1)SU1ES03 Affected: 10.6(1)SU3ES01 Affected: 10.5(1)SU1ES10 Affected: 10.0(1)SU1ES04 Affected: 11.5(1)SU1ES03 Affected: 11.6(1)ES02 Affected: 11.5(1)ES01 Affected: 9.0(2)SU3ES04 Affected: 10.6(1)SU2 Affected: 10.6(1)SU2ES04 Affected: 11.6(1)ES01 Affected: 10.6(1)SU3ES02 Affected: 11.5(1)SU1ES02 Affected: 11.5(1)SU1ES01 Affected: 8.5(1) Affected: 11.0(1)SU1ES02 Affected: 12.5(1)_SU03_ES03 Affected: 12.5(1)_SU03_ES04 Affected: 12.5(1)_SU03_ES05 Affected: 12.5(1)_SU03_ES06 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20276",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-05T03:55:28.044029Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T18:27:35.729Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "10.0(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES04"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "10.0(1)SU1ES04"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "9.0(2)SU3ES04"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "8.5(1)"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES05"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES06"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, remote attacker to execute arbitrary code on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials.\u0026nbsp;\r\n\r\nThis vulnerability is due to insecure deserialization of Java objects by the affected software. An attacker could exploit this vulnerability by sending a crafted Java object to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of an affected device as a low-privilege user. A successful exploit could also allow the attacker to undertake further actions to elevate their privileges to root."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "Deserialization of Untrusted Data",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T16:18:04.091Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-uccx-multi-UhOTvPGL",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-uccx-multi-UhOTvPGL"
}
],
"source": {
"advisory": "cisco-sa-uccx-multi-UhOTvPGL",
"defects": [
"CSCwk24108"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Unified Contact Center Express Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20276",
"datePublished": "2025-06-04T16:18:04.091Z",
"dateReserved": "2024-10-10T19:15:13.246Z",
"dateUpdated": "2026-02-26T18:27:35.729Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20275 (GCVE-0-2025-20275)
Vulnerability from nvd ā Published: 2025-06-04 16:18 ā Updated: 2026-02-26 18:27
VLAI
Title
Cisco Unified Contact Center Express Editor Remote Code Execution Vulnerability
Summary
A vulnerability in the file opening process of Cisco Unified Contact Center Express (Unified CCX) Editor could allow an unauthenticated attacker to execute arbitrary code on an affected device.
This vulnerability is due to insecure deserialization of Java objects by the affected software. An attacker could exploit this vulnerability by persuading an authenticated, local user to open a crafted .aef file. A successful exploit could allow the attacker to execute arbitrary code on the host that is running the editor application with the privileges of the user who launched it.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco Unified Contact Center Express |
Affected:
10.6(1)
Affected: 10.5(1)SU1 Affected: 10.6(1)SU3 Affected: 12.0(1) Affected: 10.0(1)SU1 Affected: 10.6(1)SU1 Affected: 11.0(1)SU1 Affected: 11.5(1)SU1 Affected: 10.5(1) Affected: 11.6(1) Affected: 11.6(2) Affected: 12.5(1) Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 Affected: 12.5(1)SU3 Affected: 12.5(1)_SU03_ES01 Affected: 12.5(1)_SU03_ES02 Affected: 12.5(1)_SU02_ES03 Affected: 12.5(1)_SU02_ES04 Affected: 12.5(1)_SU02_ES02 Affected: 12.5(1)_SU01_ES02 Affected: 12.5(1)_SU01_ES03 Affected: 12.5(1)_SU02_ES01 Affected: 11.6(2)ES07 Affected: 11.6(2)ES08 Affected: 12.5(1)_SU01_ES01 Affected: 12.0(1)ES04 Affected: 12.5(1)ES02 Affected: 12.5(1)ES03 Affected: 11.6(2)ES06 Affected: 12.5(1)ES01 Affected: 12.0(1)ES03 Affected: 12.0(1)ES01 Affected: 11.6(2)ES05 Affected: 12.0(1)ES02 Affected: 11.6(2)ES04 Affected: 11.6(2)ES03 Affected: 11.6(2)ES02 Affected: 11.6(2)ES01 Affected: 10.6(1)SU3ES03 Affected: 11.0(1)SU1ES03 Affected: 10.6(1)SU3ES01 Affected: 10.5(1)SU1ES10 Affected: 10.0(1)SU1ES04 Affected: 11.5(1)SU1ES03 Affected: 11.6(1)ES02 Affected: 11.5(1)ES01 Affected: 9.0(2)SU3ES04 Affected: 10.6(1)SU2 Affected: 10.6(1)SU2ES04 Affected: 11.6(1)ES01 Affected: 10.6(1)SU3ES02 Affected: 11.5(1)SU1ES02 Affected: 11.5(1)SU1ES01 Affected: 8.5(1) Affected: 11.0(1)SU1ES02 Affected: 12.5(1)_SU03_ES03 Affected: 12.5(1)_SU03_ES04 Affected: 12.5(1)_SU03_ES05 Affected: 12.5(1)_SU03_ES06 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20275",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-05T03:55:26.998509Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T18:27:36.134Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "10.0(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES04"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "10.0(1)SU1ES04"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "9.0(2)SU3ES04"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "8.5(1)"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES05"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES06"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the file opening process of Cisco Unified Contact Center Express (Unified CCX) Editor could allow an unauthenticated attacker to execute arbitrary code on an affected device.\u0026nbsp;\r\n\r\nThis vulnerability is due to insecure deserialization of Java objects by the affected software. An attacker could exploit this vulnerability by persuading an authenticated, local user to open a crafted .aef file. A successful exploit could allow the attacker to execute arbitrary code on the host that is running the editor application with the privileges of the user who launched it."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "Deserialization of Untrusted Data",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T16:18:03.810Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-uccx-editor-rce-ezyYZte8",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-uccx-editor-rce-ezyYZte8"
}
],
"source": {
"advisory": "cisco-sa-uccx-editor-rce-ezyYZte8",
"defects": [
"CSCwk24113"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Unified Contact Center Express Editor Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20275",
"datePublished": "2025-06-04T16:18:03.810Z",
"dateReserved": "2024-10-10T19:15:13.246Z",
"dateUpdated": "2026-02-26T18:27:36.134Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20129 (GCVE-0-2025-20129)
Vulnerability from nvd ā Published: 2025-06-04 16:17 ā Updated: 2025-06-04 18:20
VLAI
Title
Cisco Customer Collaboration Platform Information Disclosure Vulnerability
Summary
A vulnerability in the web-based chat interface of Cisco Customer Collaboration Platform (CCP), formerly Cisco SocialMiner, could allow an unauthenticated, remote attacker to persuade users to disclose sensitive data.
This vulnerability is due to improper sanitization of HTTP requests that are sent to the web-based chat interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to the chat interface of a targeted user on a vulnerable server. A successful exploit could allow the attacker to redirect chat traffic to a server that is under their control, resulting in sensitive information being redirected to the attacker.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco SocialMiner |
Affected:
12.5(1)ES01
Affected: 10.5(1) Affected: 11.6(1) Affected: 10.6(1) Affected: 12.0(1)ES04 Affected: 10.6(2) Affected: 12.5(1) Affected: 11.6(2) Affected: 12.0(1) Affected: 12.0(1)ES02 Affected: 11.0(1) Affected: 11.5(1) Affected: 11.5(1)SU1 Affected: 12.0(1)ES03 Affected: 12.5(1)SU3 Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 |
|
| Cisco | Cisco Unified Contact Center Express |
Affected:
10.6(1)
Affected: 10.5(1)SU1 Affected: 10.6(1)SU3 Affected: 12.0(1) Affected: 10.0(1)SU1 Affected: 10.6(1)SU1 Affected: 11.0(1)SU1 Affected: 11.5(1)SU1 Affected: 10.5(1) Affected: 11.6(1) Affected: 11.6(2) Affected: 12.5(1) Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 Affected: 12.5(1)SU3 Affected: 12.5(1)_SU03_ES01 Affected: 12.5(1)_SU03_ES02 Affected: 12.5(1)_SU02_ES03 Affected: 12.5(1)_SU02_ES04 Affected: 12.5(1)_SU02_ES02 Affected: 12.5(1)_SU01_ES02 Affected: 12.5(1)_SU01_ES03 Affected: 12.5(1)_SU02_ES01 Affected: 11.6(2)ES07 Affected: 11.6(2)ES08 Affected: 12.5(1)_SU01_ES01 Affected: 12.0(1)ES04 Affected: 12.5(1)ES02 Affected: 12.5(1)ES03 Affected: 11.6(2)ES06 Affected: 12.5(1)ES01 Affected: 12.0(1)ES03 Affected: 12.0(1)ES01 Affected: 11.6(2)ES05 Affected: 12.0(1)ES02 Affected: 11.6(2)ES04 Affected: 11.6(2)ES03 Affected: 11.6(2)ES02 Affected: 11.6(2)ES01 Affected: 10.6(1)SU3ES03 Affected: 11.0(1)SU1ES03 Affected: 10.6(1)SU3ES01 Affected: 10.5(1)SU1ES10 Affected: 10.0(1)SU1ES04 Affected: 11.5(1)SU1ES03 Affected: 11.6(1)ES02 Affected: 11.5(1)ES01 Affected: 9.0(2)SU3ES04 Affected: 10.6(1)SU2 Affected: 10.6(1)SU2ES04 Affected: 11.6(1)ES01 Affected: 10.6(1)SU3ES02 Affected: 11.5(1)SU1ES02 Affected: 11.5(1)SU1ES01 Affected: 8.5(1) Affected: 11.0(1)SU1ES02 Affected: 12.5(1)_SU03_ES03 Affected: 12.5(1)_SU03_ES04 Affected: 12.5(1)_SU03_ES05 Affected: 12.5(1)_SU03_ES06 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20129",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-04T18:13:19.983909Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T18:20:18.190Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco SocialMiner",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "10.6(2)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "10.0(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES04"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "10.0(1)SU1ES04"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "9.0(2)SU3ES04"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "8.5(1)"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES05"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES06"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based chat interface of Cisco Customer Collaboration Platform (CCP), formerly Cisco SocialMiner, could allow an unauthenticated, remote attacker to persuade users to disclose sensitive data.\r\n\r\nThis vulnerability is due to improper sanitization of HTTP requests that are sent to the web-based chat interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to the chat interface of a targeted user on a vulnerable server. A successful exploit could allow the attacker to redirect chat traffic to a server that is under their control, resulting in sensitive information being redirected to the attacker."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerability described in this advisory.\r\n\r\nThe Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T16:17:27.318Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-ccp-info-disc-ZyGerQpd",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ccp-info-disc-ZyGerQpd"
}
],
"source": {
"advisory": "cisco-sa-ccp-info-disc-ZyGerQpd",
"defects": [
"CSCwh43988"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Customer Collaboration Platform Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20129",
"datePublished": "2025-06-04T16:17:27.318Z",
"dateReserved": "2024-10-10T19:15:13.212Z",
"dateUpdated": "2025-06-04T18:20:18.190Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2026-20117 (GCVE-0-2026-20117)
Vulnerability from cvelistv5 ā Published: 2026-03-11 16:31 ā Updated: 2026-03-11 17:20
VLAI
Title
Multiple Cisco Contact Center Products Cross-Site Scripting Vulnerabilities
Summary
A vulnerability in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface.
This vulnerability exists because the web-based management interface of an affected system does not sufficiently validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
Severity
6.1 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco Unified Contact Center Express |
Affected:
10.5(1)SU1
Affected: 10.6(1) Affected: 11.6(1) Affected: 10.6(1)SU1 Affected: 10.6(1)SU3 Affected: 11.6(2) Affected: 12.0(1) Affected: 11.0(1)SU1 Affected: 11.5(1)SU1 Affected: 10.5(1) Affected: 12.5(1) Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 Affected: 12.5(1)SU3 Affected: 12.5(1)_SU03_ES01 Affected: 12.5(1)_SU03_ES02 Affected: 12.5(1)_SU02_ES03 Affected: 12.5(1)_SU02_ES04 Affected: 12.5(1)_SU02_ES02 Affected: 12.5(1)_SU01_ES02 Affected: 12.5(1)_SU01_ES03 Affected: 12.5(1)_SU02_ES01 Affected: 11.6(2)ES07 Affected: 11.6(2)ES08 Affected: 12.5(1)_SU01_ES01 Affected: 12.0(1)ES04 Affected: 12.5(1)ES02 Affected: 12.5(1)ES03 Affected: 11.6(2)ES06 Affected: 12.5(1)ES01 Affected: 12.0(1)ES03 Affected: 12.0(1)ES01 Affected: 11.6(2)ES05 Affected: 12.0(1)ES02 Affected: 11.6(2)ES04 Affected: 11.6(2)ES03 Affected: 11.6(2)ES02 Affected: 11.6(2)ES01 Affected: 10.6(1)SU3ES03 Affected: 11.0(1)SU1ES03 Affected: 10.6(1)SU3ES01 Affected: 10.5(1)SU1ES10 Affected: 11.5(1)SU1ES03 Affected: 11.6(1)ES02 Affected: 11.5(1)ES01 Affected: 10.6(1)SU2 Affected: 10.6(1)SU2ES04 Affected: 11.6(1)ES01 Affected: 10.6(1)SU3ES02 Affected: 11.5(1)SU1ES02 Affected: 11.5(1)SU1ES01 Affected: 11.0(1)SU1ES02 Affected: 12.5(1)_SU03_ES03 Affected: 12.5(1)_SU03_ES04 Affected: 12.5(1)_SU03_ES05 Affected: UCCX 15.0.1 Affected: 12.5(1)_SU03_ES06 Affected: 12.5(1)_SU03_ES07 Affected: 15.0(1) Affected: 15.0(1)ES01 Affected: 15.0(1)ES-MSOauth Affected: 1501_ES01_CSCws06843 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20117",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-11T17:05:14.798354Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T17:20:21.169Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES04"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES05"
},
{
"status": "affected",
"version": "UCCX 15.0.1"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES06"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES07"
},
{
"status": "affected",
"version": "15.0(1)"
},
{
"status": "affected",
"version": "15.0(1)ES01"
},
{
"status": "affected",
"version": "15.0(1)ES-MSOauth"
},
{
"status": "affected",
"version": "1501_ES01_CSCws06843"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface.\r\n\r\nThis vulnerability exists because the web-based management interface of an affected system does not sufficiently validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T16:31:26.560Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cc-xss-MrNAH5Jh",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cc-xss-MrNAH5Jh"
}
],
"source": {
"advisory": "cisco-sa-cc-xss-MrNAH5Jh",
"defects": [
"CSCwq46126"
],
"discovery": "EXTERNAL"
},
"title": "Multiple Cisco Contact Center Products Cross-Site Scripting Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20117",
"datePublished": "2026-03-11T16:31:26.560Z",
"dateReserved": "2025-10-08T11:59:15.376Z",
"dateUpdated": "2026-03-11T17:20:21.169Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-20116 (GCVE-0-2026-20116)
Vulnerability from cvelistv5 ā Published: 2026-03-11 16:31 ā Updated: 2026-03-11 17:20
VLAI
Title
Multiple Cisco Contact Center Products Cross-Site Scripting Vulnerabilities
Summary
A vulnerability in the web-based management interface of Cisco Finesse, Cisco Packaged Contact Center Enterprise (Packaged CCE), Cisco Unified Contact Center Enterprise (Unified CCE), Cisco Unified Contact Center Express (Unified CCX), and Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface.
This vulnerability exists because the web-based management interface of an affected system does not sufficiently validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
Severity
6.1 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco Unified Contact Center Express |
Affected:
10.5(1)SU1
Affected: 10.6(1) Affected: 11.6(1) Affected: 10.6(1)SU1 Affected: 10.6(1)SU3 Affected: 11.6(2) Affected: 12.0(1) Affected: 11.0(1)SU1 Affected: 11.5(1)SU1 Affected: 10.5(1) Affected: 12.5(1) Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 Affected: 12.5(1)SU3 Affected: 12.5(1)_SU03_ES01 Affected: 12.5(1)_SU03_ES02 Affected: 12.5(1)_SU02_ES03 Affected: 12.5(1)_SU02_ES04 Affected: 12.5(1)_SU02_ES02 Affected: 12.5(1)_SU01_ES02 Affected: 12.5(1)_SU01_ES03 Affected: 12.5(1)_SU02_ES01 Affected: 11.6(2)ES07 Affected: 11.6(2)ES08 Affected: 12.5(1)_SU01_ES01 Affected: 12.0(1)ES04 Affected: 12.5(1)ES02 Affected: 12.5(1)ES03 Affected: 11.6(2)ES06 Affected: 12.5(1)ES01 Affected: 12.0(1)ES03 Affected: 12.0(1)ES01 Affected: 11.6(2)ES05 Affected: 12.0(1)ES02 Affected: 11.6(2)ES04 Affected: 11.6(2)ES03 Affected: 11.6(2)ES02 Affected: 11.6(2)ES01 Affected: 10.6(1)SU3ES03 Affected: 11.0(1)SU1ES03 Affected: 10.6(1)SU3ES01 Affected: 10.5(1)SU1ES10 Affected: 11.5(1)SU1ES03 Affected: 11.6(1)ES02 Affected: 11.5(1)ES01 Affected: 10.6(1)SU2 Affected: 10.6(1)SU2ES04 Affected: 11.6(1)ES01 Affected: 10.6(1)SU3ES02 Affected: 11.5(1)SU1ES02 Affected: 11.5(1)SU1ES01 Affected: 11.0(1)SU1ES02 Affected: 12.5(1)_SU03_ES03 Affected: 12.5(1)_SU03_ES04 Affected: 12.5(1)_SU03_ES05 Affected: UCCX 15.0.1 Affected: 12.5(1)_SU03_ES06 Affected: 12.5(1)_SU03_ES07 Affected: 15.0(1) Affected: 15.0(1)ES01 Affected: 15.0(1)ES-MSOauth Affected: 1501_ES01_CSCws06843 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20116",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-11T17:05:00.232053Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T17:20:21.361Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES04"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES05"
},
{
"status": "affected",
"version": "UCCX 15.0.1"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES06"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES07"
},
{
"status": "affected",
"version": "15.0(1)"
},
{
"status": "affected",
"version": "15.0(1)ES01"
},
{
"status": "affected",
"version": "15.0(1)ES-MSOauth"
},
{
"status": "affected",
"version": "1501_ES01_CSCws06843"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of\u0026nbsp; Cisco Finesse, Cisco Packaged Contact Center Enterprise (Packaged CCE), Cisco Unified Contact Center Enterprise (Unified CCE), Cisco Unified Contact Center Express (Unified CCX), and Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface.\r\n\r\nThis vulnerability exists because the web-based management interface of an affected system does not sufficiently validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-11T16:31:23.070Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cc-xss-MrNAH5Jh",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cc-xss-MrNAH5Jh"
}
],
"source": {
"advisory": "cisco-sa-cc-xss-MrNAH5Jh",
"defects": [
"CSCwq36593"
],
"discovery": "EXTERNAL"
},
"title": "Multiple Cisco Contact Center Products Cross-Site Scripting Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20116",
"datePublished": "2026-03-11T16:31:23.070Z",
"dateReserved": "2025-10-08T11:59:15.376Z",
"dateUpdated": "2026-03-11T17:20:21.361Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20377 (GCVE-0-2025-20377)
Vulnerability from cvelistv5 ā Published: 2025-11-05 16:31 ā Updated: 2025-11-21 14:23
VLAI
Title
Cisco Unified Intelligence Center API Information Disclosure Vulnerability
Summary
A vulnerability in the API subsystem of Cisco Unified Intelligence Center could allow an authenticated, remote attacker to obtain sensitive information from an affected system.
This vulnerability is due to improper validation of requests to certain API endpoints. An attacker could exploit this vulnerability by sending a valid request to a specific API endpoint within the affected system. A successful exploit could allow a low-privileged user to view sensitive information on the affected system that should be restricted. To exploit this vulnerability, the attacker must have valid user credentials on the affected system.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
1 reference
Impacted products
4 products
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco Packaged Contact Center Enterprise |
Affected:
12.5(1)
Affected: 11.0(1) Affected: 12.0(1) Affected: 11.0(2) Affected: 11.5(1) Affected: 10.5(1) Affected: 10.5(2) Affected: 11.6(2) Affected: 10.5(1)_ES7 Affected: 11.6(1) Affected: 10.5(2)_ES8 Affected: 12.6(1) Affected: 12.5(2) Affected: 12.6(2) Affected: 15.0(1) |
|
| Cisco | Cisco Unified Contact Center Enterprise |
Affected:
12.6(1)ES3
Affected: 12.6(1)ES1 Affected: 12.6(1) Affected: 12.6(1)ES2 Affected: 12.6(1)SecurityPatch Affected: 12.5(1)ES1 Affected: 12.5(1) Affected: 12.6(1)ES4 Affected: 11.0(1) Affected: 10.5(1) Affected: 12.0(1) Affected: 10.5 Affected: 11.0 Affected: 11.5 Affected: 12.6(2) Affected: 12.6(2)ES1 Affected: 12.6(2)ES2 Affected: 15.0(1) Affected: 12.6(2)ES3 Affected: 15.0(1)ET01 Affected: 15.0(1)_SP1 |
|
| Cisco | Cisco Unified Contact Center Express |
Affected:
10.5(1)SU1
Affected: 10.6(1) Affected: 11.6(1) Affected: 10.6(1)SU1 Affected: 10.6(1)SU3 Affected: 11.6(2) Affected: 12.0(1) Affected: 11.0(1)SU1 Affected: 11.5(1)SU1 Affected: 10.5(1) Affected: 12.5(1) Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 Affected: 12.5(1)SU3 Affected: 12.5(1)_SU03_ES01 Affected: 12.5(1)_SU03_ES02 Affected: 12.5(1)_SU02_ES03 Affected: 12.5(1)_SU02_ES04 Affected: 12.5(1)_SU02_ES02 Affected: 12.5(1)_SU01_ES02 Affected: 12.5(1)_SU01_ES03 Affected: 12.5(1)_SU02_ES01 Affected: 11.6(2)ES07 Affected: 11.6(2)ES08 Affected: 12.5(1)_SU01_ES01 Affected: 12.0(1)ES04 Affected: 12.5(1)ES02 Affected: 12.5(1)ES03 Affected: 11.6(2)ES06 Affected: 12.5(1)ES01 Affected: 12.0(1)ES03 Affected: 12.0(1)ES01 Affected: 11.6(2)ES05 Affected: 12.0(1)ES02 Affected: 11.6(2)ES04 Affected: 11.6(2)ES03 Affected: 11.6(2)ES02 Affected: 11.6(2)ES01 Affected: 10.6(1)SU3ES03 Affected: 11.0(1)SU1ES03 Affected: 10.6(1)SU3ES01 Affected: 10.5(1)SU1ES10 Affected: 11.5(1)SU1ES03 Affected: 11.6(1)ES02 Affected: 11.5(1)ES01 Affected: 10.6(1)SU2 Affected: 10.6(1)SU2ES04 Affected: 11.6(1)ES01 Affected: 10.6(1)SU3ES02 Affected: 11.5(1)SU1ES02 Affected: 11.5(1)SU1ES01 Affected: 11.0(1)SU1ES02 Affected: 12.5(1)_SU03_ES03 Affected: 12.5(1)_SU03_ES04 Affected: 12.5(1)_SU03_ES05 Affected: UCCX 15.0.1 Affected: 12.5(1)_SU03_ES06 |
|
| Cisco | Cisco Unified Intelligence Center |
Affected:
11.6(1)
Affected: 10.5(1) Affected: 11.0(1) Affected: 11.5(1) Affected: 12.0(1) Affected: 12.5(1) Affected: 11.0(2) Affected: 12.6(1) Affected: 12.5(1)SU Affected: 12.6(1)_ET Affected: 12.6(1)_ES05_ET Affected: 11.0(3) Affected: 12.6(2) Affected: 12.6(2)_504_Issue_ET Affected: 12.6.1_ExcelIssue_ET Affected: 12.6(2)_Permalink_ET Affected: 12.6.2_CSCwk19536_ET Affected: 12.6.2_CSCwm96922_ET Affected: 12.6.2_Amq_OOS_ET Affected: 12.5(2)ET_CSCwi79933 Affected: 12.6(2)_ET Affected: 12.6.2_CSCwn48501_ET Affected: 15.0(1) Affected: 12.6.2_CSCwp61293_ET Affected: 12.6.2_CSCwp92614_ET |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20377",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-05T20:13:55.442333Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T20:14:05.911Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Packaged Contact Center Enterprise",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "11.0(2)"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "10.5(2)"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "10.5(1)_ES7"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.5(2)_ES8"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.5(2)"
},
{
"status": "affected",
"version": "12.6(2)"
},
{
"status": "affected",
"version": "15.0(1)"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Enterprise",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.6(1)ES3"
},
{
"status": "affected",
"version": "12.6(1)ES1"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.6(1)ES2"
},
{
"status": "affected",
"version": "12.6(1)SecurityPatch"
},
{
"status": "affected",
"version": "12.5(1)ES1"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.6(1)ES4"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "10.5"
},
{
"status": "affected",
"version": "11.0"
},
{
"status": "affected",
"version": "11.5"
},
{
"status": "affected",
"version": "12.6(2)"
},
{
"status": "affected",
"version": "12.6(2)ES1"
},
{
"status": "affected",
"version": "12.6(2)ES2"
},
{
"status": "affected",
"version": "15.0(1)"
},
{
"status": "affected",
"version": "12.6(2)ES3"
},
{
"status": "affected",
"version": "15.0(1)ET01"
},
{
"status": "affected",
"version": "15.0(1)_SP1"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES04"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES05"
},
{
"status": "affected",
"version": "UCCX 15.0.1"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES06"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Intelligence Center",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "11.0(2)"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.5(1)SU"
},
{
"status": "affected",
"version": "12.6(1)_ET"
},
{
"status": "affected",
"version": "12.6(1)_ES05_ET"
},
{
"status": "affected",
"version": "11.0(3)"
},
{
"status": "affected",
"version": "12.6(2)"
},
{
"status": "affected",
"version": "12.6(2)_504_Issue_ET"
},
{
"status": "affected",
"version": "12.6.1_ExcelIssue_ET"
},
{
"status": "affected",
"version": "12.6(2)_Permalink_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwk19536_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwm96922_ET"
},
{
"status": "affected",
"version": "12.6.2_Amq_OOS_ET"
},
{
"status": "affected",
"version": "12.5(2)ET_CSCwi79933"
},
{
"status": "affected",
"version": "12.6(2)_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwn48501_ET"
},
{
"status": "affected",
"version": "15.0(1)"
},
{
"status": "affected",
"version": "12.6.2_CSCwp61293_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwp92614_ET"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the API subsystem of Cisco Unified Intelligence Center could allow an authenticated, remote attacker to obtain sensitive information from an affected system.\r\n\r\nThis vulnerability is due to improper validation of requests to certain API endpoints. An attacker could exploit this vulnerability by sending a valid request to a specific API endpoint within the affected system. A successful exploit could allow a low-privileged user to view sensitive information on the affected system that should be restricted. To exploit this vulnerability, the attacker must have valid user credentials on the affected system."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-21T14:23:13.993Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cc-mult-vuln-gK4TFXSn",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cc-mult-vuln-gK4TFXSn"
}
],
"source": {
"advisory": "cisco-sa-cc-mult-vuln-gK4TFXSn",
"defects": [
"CSCwo38545"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Unified Intelligence Center API Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20377",
"datePublished": "2025-11-05T16:31:52.595Z",
"dateReserved": "2024-10-10T19:15:13.263Z",
"dateUpdated": "2025-11-21T14:23:13.993Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20375 (GCVE-0-2025-20375)
Vulnerability from cvelistv5 ā Published: 2025-11-05 16:31 ā Updated: 2026-02-26 17:47
VLAI
Title
Cisco Unified Contact Center Express Arbitrary File Upload Vulnerability
Summary
A vulnerability in the web UI of Cisco Unified CCX could allow an authenticated, remote attacker to upload and execute arbitrary files.
This vulnerability is due to an insufficient input validation associated to specific UI features. An attacker could exploit this vulnerability by uploading a crafted file to the web UI. A successful exploit could allow the attacker to upload arbitrary files to a vulnerable system and execute them, gaining access to the underlying operating system. To exploit this vulnerability, the attacker must have valid administrative credentials.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco Unified Contact Center Express |
Affected:
10.5(1)SU1
Affected: 10.6(1) Affected: 11.6(1) Affected: 10.6(1)SU1 Affected: 10.6(1)SU3 Affected: 11.6(2) Affected: 12.0(1) Affected: 11.0(1)SU1 Affected: 11.5(1)SU1 Affected: 10.5(1) Affected: 12.5(1) Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 Affected: 12.5(1)SU3 Affected: 12.5(1)_SU03_ES01 Affected: 12.5(1)_SU03_ES02 Affected: 12.5(1)_SU02_ES03 Affected: 12.5(1)_SU02_ES04 Affected: 12.5(1)_SU02_ES02 Affected: 12.5(1)_SU01_ES02 Affected: 12.5(1)_SU01_ES03 Affected: 12.5(1)_SU02_ES01 Affected: 11.6(2)ES07 Affected: 11.6(2)ES08 Affected: 12.5(1)_SU01_ES01 Affected: 12.0(1)ES04 Affected: 12.5(1)ES02 Affected: 12.5(1)ES03 Affected: 11.6(2)ES06 Affected: 12.5(1)ES01 Affected: 12.0(1)ES03 Affected: 12.0(1)ES01 Affected: 11.6(2)ES05 Affected: 12.0(1)ES02 Affected: 11.6(2)ES04 Affected: 11.6(2)ES03 Affected: 11.6(2)ES02 Affected: 11.6(2)ES01 Affected: 10.6(1)SU3ES03 Affected: 11.0(1)SU1ES03 Affected: 10.6(1)SU3ES01 Affected: 10.5(1)SU1ES10 Affected: 11.5(1)SU1ES03 Affected: 11.6(1)ES02 Affected: 11.5(1)ES01 Affected: 10.6(1)SU2 Affected: 10.6(1)SU2ES04 Affected: 11.6(1)ES01 Affected: 10.6(1)SU3ES02 Affected: 11.5(1)SU1ES02 Affected: 11.5(1)SU1ES01 Affected: 11.0(1)SU1ES02 Affected: 12.5(1)_SU03_ES03 Affected: 12.5(1)_SU03_ES04 Affected: 12.5(1)_SU03_ES05 Affected: UCCX 15.0.1 Affected: 12.5(1)_SU03_ES06 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20375",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-06T04:55:46.573406Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:47:14.139Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES04"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES05"
},
{
"status": "affected",
"version": "UCCX 15.0.1"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES06"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web UI of Cisco Unified CCX could allow an authenticated, remote attacker to upload and execute arbitrary files.\r\n\r\nThis vulnerability is due to an insufficient input validation associated to specific UI features. An attacker could exploit this vulnerability by uploading a crafted file to the web UI. A successful exploit could allow the attacker to upload arbitrary files to a vulnerable system and execute them, gaining access to the underlying operating system. To exploit this vulnerability, the attacker must have valid administrative credentials."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T16:31:43.035Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cc-mult-vuln-gK4TFXSn",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cc-mult-vuln-gK4TFXSn"
}
],
"source": {
"advisory": "cisco-sa-cc-mult-vuln-gK4TFXSn",
"defects": [
"CSCwq36645"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Unified Contact Center Express Arbitrary File Upload Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20375",
"datePublished": "2025-11-05T16:31:43.035Z",
"dateReserved": "2024-10-10T19:15:13.262Z",
"dateUpdated": "2026-02-26T17:47:14.139Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20376 (GCVE-0-2025-20376)
Vulnerability from cvelistv5 ā Published: 2025-11-05 16:31 ā Updated: 2026-02-26 17:47
VLAI
Title
Cisco Unified Contact Center Express Remote Code Execution Vulnerability
Summary
A vulnerability in the web UI of Cisco Unified CCX could allow an authenticated, remote attacker to upload and execute arbitrary files.
This vulnerability is due to an insufficient input validation associated to file upload mechanisms. An attacker could exploit this vulnerability by uploading a malicious file to the web UI and executing it. A successful exploit could allow the attacker to execute arbitrary commands on the underlying system and elevate privileges to root. To exploit this vulnerability, the attacker must have valid administrative credentials.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco Unified Contact Center Express |
Affected:
10.5(1)SU1
Affected: 10.6(1) Affected: 11.6(1) Affected: 10.6(1)SU1 Affected: 10.6(1)SU3 Affected: 11.6(2) Affected: 12.0(1) Affected: 11.0(1)SU1 Affected: 11.5(1)SU1 Affected: 10.5(1) Affected: 12.5(1) Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 Affected: 12.5(1)SU3 Affected: 12.5(1)_SU03_ES01 Affected: 12.5(1)_SU03_ES02 Affected: 12.5(1)_SU02_ES03 Affected: 12.5(1)_SU02_ES04 Affected: 12.5(1)_SU02_ES02 Affected: 12.5(1)_SU01_ES02 Affected: 12.5(1)_SU01_ES03 Affected: 12.5(1)_SU02_ES01 Affected: 11.6(2)ES07 Affected: 11.6(2)ES08 Affected: 12.5(1)_SU01_ES01 Affected: 12.0(1)ES04 Affected: 12.5(1)ES02 Affected: 12.5(1)ES03 Affected: 11.6(2)ES06 Affected: 12.5(1)ES01 Affected: 12.0(1)ES03 Affected: 12.0(1)ES01 Affected: 11.6(2)ES05 Affected: 12.0(1)ES02 Affected: 11.6(2)ES04 Affected: 11.6(2)ES03 Affected: 11.6(2)ES02 Affected: 11.6(2)ES01 Affected: 10.6(1)SU3ES03 Affected: 11.0(1)SU1ES03 Affected: 10.6(1)SU3ES01 Affected: 10.5(1)SU1ES10 Affected: 11.5(1)SU1ES03 Affected: 11.6(1)ES02 Affected: 11.5(1)ES01 Affected: 10.6(1)SU2 Affected: 10.6(1)SU2ES04 Affected: 11.6(1)ES01 Affected: 10.6(1)SU3ES02 Affected: 11.5(1)SU1ES02 Affected: 11.5(1)SU1ES01 Affected: 11.0(1)SU1ES02 Affected: 12.5(1)_SU03_ES03 Affected: 12.5(1)_SU03_ES04 Affected: 12.5(1)_SU03_ES05 Affected: UCCX 15.0.1 Affected: 12.5(1)_SU03_ES06 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20376",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-06T04:55:45.488528Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:47:14.572Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES04"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES05"
},
{
"status": "affected",
"version": "UCCX 15.0.1"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES06"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web UI of Cisco Unified CCX could allow an authenticated, remote attacker to upload and execute arbitrary files.\r\n\r\nThis vulnerability is due to an insufficient input validation associated to file upload mechanisms. An attacker could exploit this vulnerability by uploading a malicious file to the web UI and executing it. A successful exploit could allow the attacker to execute arbitrary commands on the underlying system and elevate privileges to root. To exploit this vulnerability, the attacker must have valid administrative credentials."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T16:31:38.793Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cc-mult-vuln-gK4TFXSn",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cc-mult-vuln-gK4TFXSn"
}
],
"source": {
"advisory": "cisco-sa-cc-mult-vuln-gK4TFXSn",
"defects": [
"CSCwq36567"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Unified Contact Center Express Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20376",
"datePublished": "2025-11-05T16:31:38.793Z",
"dateReserved": "2024-10-10T19:15:13.262Z",
"dateUpdated": "2026-02-26T17:47:14.572Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20374 (GCVE-0-2025-20374)
Vulnerability from cvelistv5 ā Published: 2025-11-05 16:31 ā Updated: 2025-11-05 20:11
VLAI
Title
Cisco Unified Contact Center Express Arbitrary File Download Vulnerability
Summary
A vulnerability in the web UI of Cisco Unified CCX could allow an authenticated, remote attacker to perform a directory traversal and access arbitrary resources.
This vulnerability is due to an insufficient input validation associated to specific UI features. An attacker could exploit this vulnerability by sending a crafted request to the web UI. A successful exploit could allow the attacker to gain read access to arbitrary files on the underlying operating system. To exploit this vulnerability, the attacker must have valid administrative credentials.
Severity
4.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco Unified Contact Center Express |
Affected:
10.5(1)SU1
Affected: 10.6(1) Affected: 11.6(1) Affected: 10.6(1)SU1 Affected: 10.6(1)SU3 Affected: 11.6(2) Affected: 12.0(1) Affected: 11.0(1)SU1 Affected: 11.5(1)SU1 Affected: 10.5(1) Affected: 12.5(1) Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 Affected: 12.5(1)SU3 Affected: 12.5(1)_SU03_ES01 Affected: 12.5(1)_SU03_ES02 Affected: 12.5(1)_SU02_ES03 Affected: 12.5(1)_SU02_ES04 Affected: 12.5(1)_SU02_ES02 Affected: 12.5(1)_SU01_ES02 Affected: 12.5(1)_SU01_ES03 Affected: 12.5(1)_SU02_ES01 Affected: 11.6(2)ES07 Affected: 11.6(2)ES08 Affected: 12.5(1)_SU01_ES01 Affected: 12.0(1)ES04 Affected: 12.5(1)ES02 Affected: 12.5(1)ES03 Affected: 11.6(2)ES06 Affected: 12.5(1)ES01 Affected: 12.0(1)ES03 Affected: 12.0(1)ES01 Affected: 11.6(2)ES05 Affected: 12.0(1)ES02 Affected: 11.6(2)ES04 Affected: 11.6(2)ES03 Affected: 11.6(2)ES02 Affected: 11.6(2)ES01 Affected: 10.6(1)SU3ES03 Affected: 11.0(1)SU1ES03 Affected: 10.6(1)SU3ES01 Affected: 10.5(1)SU1ES10 Affected: 11.5(1)SU1ES03 Affected: 11.6(1)ES02 Affected: 11.5(1)ES01 Affected: 10.6(1)SU2 Affected: 10.6(1)SU2ES04 Affected: 11.6(1)ES01 Affected: 10.6(1)SU3ES02 Affected: 11.5(1)SU1ES02 Affected: 11.5(1)SU1ES01 Affected: 11.0(1)SU1ES02 Affected: 12.5(1)_SU03_ES03 Affected: 12.5(1)_SU03_ES04 Affected: 12.5(1)_SU03_ES05 Affected: UCCX 15.0.1 Affected: 12.5(1)_SU03_ES06 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20374",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-05T20:10:38.672178Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T20:11:12.630Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES04"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES05"
},
{
"status": "affected",
"version": "UCCX 15.0.1"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES06"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web UI of Cisco Unified CCX could allow an authenticated, remote attacker to perform a directory traversal and access arbitrary resources.\r\n\r\nThis vulnerability is due to an insufficient input validation associated to specific UI features. An attacker could exploit this vulnerability by sending a crafted request to the web UI. A successful exploit could allow the attacker to gain read access to arbitrary files on the underlying operating system.\u0026nbsp;To exploit this vulnerability, the attacker must have valid administrative credentials."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T16:31:23.862Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cc-mult-vuln-gK4TFXSn",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cc-mult-vuln-gK4TFXSn"
}
],
"source": {
"advisory": "cisco-sa-cc-mult-vuln-gK4TFXSn",
"defects": [
"CSCwq36596"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Unified Contact Center Express Arbitrary File Download Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20374",
"datePublished": "2025-11-05T16:31:23.862Z",
"dateReserved": "2024-10-10T19:15:13.262Z",
"dateUpdated": "2025-11-05T20:11:12.630Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20358 (GCVE-0-2025-20358)
Vulnerability from cvelistv5 ā Published: 2025-11-05 16:31 ā Updated: 2026-02-26 17:47
VLAI
Title
Cisco Unified Contact Center Express Editor Authentication Bypass Vulnerability
Summary
A vulnerability in the Contact Center Express (CCX) Editor application of Cisco Unified CCX could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative permissions pertaining to script creation and execution.
This vulnerability is due to improper authentication mechanisms in the communication between the CCX Editor and an affected Unified CCX server. An attacker could exploit this vulnerability by redirecting the authentication flow to a malicious server and tricking the CCX Editor into believing the authentication was successful. A successful exploit could allow the attacker to create and execute arbitrary scripts on the underlying operating system of an affected Unified CCX server, as an internal non-root user account.
Severity
9.4 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco Unified Contact Center Express |
Affected:
10.5(1)SU1
Affected: 10.6(1) Affected: 11.6(1) Affected: 10.6(1)SU1 Affected: 10.6(1)SU3 Affected: 11.6(2) Affected: 12.0(1) Affected: 11.0(1)SU1 Affected: 11.5(1)SU1 Affected: 10.5(1) Affected: 12.5(1) Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 Affected: 12.5(1)SU3 Affected: 12.5(1)_SU03_ES01 Affected: 12.5(1)_SU03_ES02 Affected: 12.5(1)_SU02_ES03 Affected: 12.5(1)_SU02_ES04 Affected: 12.5(1)_SU02_ES02 Affected: 12.5(1)_SU01_ES02 Affected: 12.5(1)_SU01_ES03 Affected: 12.5(1)_SU02_ES01 Affected: 11.6(2)ES07 Affected: 11.6(2)ES08 Affected: 12.5(1)_SU01_ES01 Affected: 12.0(1)ES04 Affected: 12.5(1)ES02 Affected: 12.5(1)ES03 Affected: 11.6(2)ES06 Affected: 12.5(1)ES01 Affected: 12.0(1)ES03 Affected: 12.0(1)ES01 Affected: 11.6(2)ES05 Affected: 12.0(1)ES02 Affected: 11.6(2)ES04 Affected: 11.6(2)ES03 Affected: 11.6(2)ES02 Affected: 11.6(2)ES01 Affected: 10.6(1)SU3ES03 Affected: 11.0(1)SU1ES03 Affected: 10.6(1)SU3ES01 Affected: 10.5(1)SU1ES10 Affected: 11.5(1)SU1ES03 Affected: 11.6(1)ES02 Affected: 11.5(1)ES01 Affected: 10.6(1)SU2 Affected: 10.6(1)SU2ES04 Affected: 11.6(1)ES01 Affected: 10.6(1)SU3ES02 Affected: 11.5(1)SU1ES02 Affected: 11.5(1)SU1ES01 Affected: 11.0(1)SU1ES02 Affected: 12.5(1)_SU03_ES03 Affected: 12.5(1)_SU03_ES04 Affected: 12.5(1)_SU03_ES05 Affected: UCCX 15.0.1 Affected: 12.5(1)_SU03_ES06 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20358",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-06T04:55:44.323949Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:47:14.895Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES04"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES05"
},
{
"status": "affected",
"version": "UCCX 15.0.1"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES06"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Contact Center Express (CCX) Editor application of Cisco Unified CCX could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative permissions pertaining to script creation and execution.\r\n\r\nThis vulnerability is due to improper authentication mechanisms in the communication between the CCX Editor and an affected Unified CCX server. An attacker could exploit this vulnerability by redirecting the authentication flow to a malicious server and tricking the CCX Editor into believing the authentication was successful. A successful exploit could allow the attacker to create and execute arbitrary scripts on the underlying operating system of an affected Unified CCX server, as an internal non-root user account."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "Missing Authentication for Critical Function",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T16:31:23.210Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cc-unauth-rce-QeN8h7mQ",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cc-unauth-rce-QeN8h7mQ"
}
],
"source": {
"advisory": "cisco-sa-cc-unauth-rce-QeN8h7mQ",
"defects": [
"CSCwq36573"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Unified Contact Center Express Editor Authentication Bypass Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20358",
"datePublished": "2025-11-05T16:31:23.210Z",
"dateReserved": "2024-10-10T19:15:13.257Z",
"dateUpdated": "2026-02-26T17:47:14.895Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20354 (GCVE-0-2025-20354)
Vulnerability from cvelistv5 ā Published: 2025-11-05 16:31 ā Updated: 2026-02-26 17:47
VLAI
Title
Cisco Unified Contact Center Express Remote Code Execution Vulnerability
Summary
A vulnerability in the Java Remote Method Invocation (RMI) process of Cisco Unified CCX could allow an unauthenticated, remote attacker to upload arbitrary files and execute arbitrary commands with root permissions on an affected system.
This vulnerability is due to improper authentication mechanisms that are associated to specific Cisco Unified CCX features. An attacker could exploit this vulnerability by uploading a crafted file to an affected system through the Java RMI process. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco Unified Contact Center Express |
Affected:
10.5(1)SU1
Affected: 10.6(1) Affected: 11.6(1) Affected: 10.6(1)SU1 Affected: 10.6(1)SU3 Affected: 11.6(2) Affected: 12.0(1) Affected: 11.0(1)SU1 Affected: 11.5(1)SU1 Affected: 10.5(1) Affected: 12.5(1) Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 Affected: 12.5(1)SU3 Affected: 12.5(1)_SU03_ES01 Affected: 12.5(1)_SU03_ES02 Affected: 12.5(1)_SU02_ES03 Affected: 12.5(1)_SU02_ES04 Affected: 12.5(1)_SU02_ES02 Affected: 12.5(1)_SU01_ES02 Affected: 12.5(1)_SU01_ES03 Affected: 12.5(1)_SU02_ES01 Affected: 11.6(2)ES07 Affected: 11.6(2)ES08 Affected: 12.5(1)_SU01_ES01 Affected: 12.0(1)ES04 Affected: 12.5(1)ES02 Affected: 12.5(1)ES03 Affected: 11.6(2)ES06 Affected: 12.5(1)ES01 Affected: 12.0(1)ES03 Affected: 12.0(1)ES01 Affected: 11.6(2)ES05 Affected: 12.0(1)ES02 Affected: 11.6(2)ES04 Affected: 11.6(2)ES03 Affected: 11.6(2)ES02 Affected: 11.6(2)ES01 Affected: 10.6(1)SU3ES03 Affected: 11.0(1)SU1ES03 Affected: 10.6(1)SU3ES01 Affected: 10.5(1)SU1ES10 Affected: 11.5(1)SU1ES03 Affected: 11.6(1)ES02 Affected: 11.5(1)ES01 Affected: 10.6(1)SU2 Affected: 10.6(1)SU2ES04 Affected: 11.6(1)ES01 Affected: 10.6(1)SU3ES02 Affected: 11.5(1)SU1ES02 Affected: 11.5(1)SU1ES01 Affected: 11.0(1)SU1ES02 Affected: 12.5(1)_SU03_ES03 Affected: 12.5(1)_SU03_ES04 Affected: 12.5(1)_SU03_ES05 Affected: UCCX 15.0.1 Affected: 12.5(1)_SU03_ES06 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20354",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-06T04:55:43.370246Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:47:15.433Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES04"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES05"
},
{
"status": "affected",
"version": "UCCX 15.0.1"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES06"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Java Remote Method Invocation (RMI) process of Cisco Unified CCX could allow an unauthenticated, remote attacker to upload arbitrary files and execute arbitrary commands with root permissions on an affected system.\r\n\r\nThis vulnerability is due to improper authentication mechanisms that are associated to specific Cisco Unified CCX features. An attacker could exploit this vulnerability by uploading a crafted file to an affected system through the Java RMI process. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T16:31:14.821Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cc-unauth-rce-QeN8h7mQ",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cc-unauth-rce-QeN8h7mQ"
}
],
"source": {
"advisory": "cisco-sa-cc-unauth-rce-QeN8h7mQ",
"defects": [
"CSCwq36528"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Unified Contact Center Express Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20354",
"datePublished": "2025-11-05T16:31:14.821Z",
"dateReserved": "2024-10-10T19:15:13.257Z",
"dateUpdated": "2026-02-26T17:47:15.433Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20288 (GCVE-0-2025-20288)
Vulnerability from cvelistv5 ā Published: 2025-07-16 16:16 ā Updated: 2025-07-18 14:30
VLAI
Title
Cisco Unified Intelligence Center Server-Side Request Forgery Vulnerability
Summary
A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a server-side request forgery (SSRF) attack through an affected device.
This vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to send arbitrary network requests that are sourced from the affected device.
Severity
5.8 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco Unified Contact Center Express |
Affected:
10.6(1)
Affected: 10.5(1)SU1 Affected: 10.6(1)SU3 Affected: 12.0(1) Affected: 10.6(1)SU1 Affected: 11.0(1)SU1 Affected: 11.5(1)SU1 Affected: 10.5(1) Affected: 11.6(1) Affected: 11.6(2) Affected: 12.5(1) Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 Affected: 12.5(1)SU3 Affected: 12.5(1)_SU03_ES01 Affected: 12.5(1)_SU03_ES02 Affected: 12.5(1)_SU02_ES03 Affected: 12.5(1)_SU02_ES04 Affected: 12.5(1)_SU02_ES02 Affected: 12.5(1)_SU01_ES02 Affected: 12.5(1)_SU01_ES03 Affected: 12.5(1)_SU02_ES01 Affected: 11.6(2)ES07 Affected: 11.6(2)ES08 Affected: 12.5(1)_SU01_ES01 Affected: 12.0(1)ES04 Affected: 12.5(1)ES02 Affected: 12.5(1)ES03 Affected: 11.6(2)ES06 Affected: 12.5(1)ES01 Affected: 12.0(1)ES03 Affected: 12.0(1)ES01 Affected: 11.6(2)ES05 Affected: 12.0(1)ES02 Affected: 11.6(2)ES04 Affected: 11.6(2)ES03 Affected: 11.6(2)ES02 Affected: 11.6(2)ES01 Affected: 10.6(1)SU3ES03 Affected: 11.0(1)SU1ES03 Affected: 10.6(1)SU3ES01 Affected: 10.5(1)SU1ES10 Affected: 11.5(1)SU1ES03 Affected: 11.6(1)ES02 Affected: 11.5(1)ES01 Affected: 10.6(1)SU2 Affected: 10.6(1)SU2ES04 Affected: 11.6(1)ES01 Affected: 10.6(1)SU3ES02 Affected: 11.5(1)SU1ES02 Affected: 11.5(1)SU1ES01 Affected: 11.0(1)SU1ES02 Affected: 12.5(1)_SU03_ES03 Affected: 12.5(1)_SU03_ES04 Affected: 12.5(1)_SU03_ES05 Affected: 12.5(1)_SU03_ES06 |
|
| Cisco | Cisco Unified Intelligence Center |
Affected:
11.6(1)
Affected: 10.5(1) Affected: 11.0(1) Affected: 11.5(1) Affected: 12.0(1) Affected: 12.5(1) Affected: 11.0(2) Affected: 12.6(1) Affected: 12.5(1)SU Affected: 12.6(1)_ET Affected: 12.6(1)_ES05_ET Affected: 11.0(3) Affected: 12.6(2) Affected: 12.6(2)_504_Issue_ET Affected: 12.6.1_ExcelIssue_ET Affected: 12.6(2)_Permalink_ET Affected: 12.6.2_CSCwk19536_ET Affected: 12.6.2_CSCwm96922_ET Affected: 12.6.2_Amq_OOS_ET Affected: 12.5(2)ET_CSCwi79933 Affected: 12.6(2)_ET Affected: 12.6.2_CSCwn48501_ET |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20288",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-18T14:30:07.079145Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-18T14:30:15.794Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES04"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES05"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES06"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Intelligence Center",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "11.0(2)"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.5(1)SU"
},
{
"status": "affected",
"version": "12.6(1)_ET"
},
{
"status": "affected",
"version": "12.6(1)_ES05_ET"
},
{
"status": "affected",
"version": "11.0(3)"
},
{
"status": "affected",
"version": "12.6(2)"
},
{
"status": "affected",
"version": "12.6(2)_504_Issue_ET"
},
{
"status": "affected",
"version": "12.6.1_ExcelIssue_ET"
},
{
"status": "affected",
"version": "12.6(2)_Permalink_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwk19536_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwm96922_ET"
},
{
"status": "affected",
"version": "12.6.2_Amq_OOS_ET"
},
{
"status": "affected",
"version": "12.5(2)ET_CSCwi79933"
},
{
"status": "affected",
"version": "12.6(2)_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwn48501_ET"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a server-side request forgery (SSRF) attack through an affected device.\r\n\r\nThis vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to send arbitrary network requests that are sourced from the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-16T16:16:55.622Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cuis-ssrf-JSuDjeV",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cuis-ssrf-JSuDjeV"
}
],
"source": {
"advisory": "cisco-sa-cuis-ssrf-JSuDjeV",
"defects": [
"CSCwn34672"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Unified Intelligence Center Server-Side Request Forgery Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20288",
"datePublished": "2025-07-16T16:16:55.622Z",
"dateReserved": "2024-10-10T19:15:13.251Z",
"dateUpdated": "2025-07-18T14:30:15.794Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20274 (GCVE-0-2025-20274)
Vulnerability from cvelistv5 ā Published: 2025-07-16 16:16 ā Updated: 2026-02-26 17:50
VLAI
Title
Cisco Unified Intelligence Center Arbitrary File Upload Vulnerability
Summary
A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an authenticated, remote attacker to upload arbitrary files to an affected device.
This vulnerability is due to improper validation of files that are uploaded to the web-based management interface. An attacker could exploit this vulnerability by uploading arbitrary files to an affected device. A successful exploit could allow the attacker to store malicious files on the system and execute arbitrary commands on the operating system. The Security Impact Rating (SIR) of this advisory has been raised to High because an attacker could elevate privileges to root. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Report Designer.
Severity
6.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco Unified Contact Center Express |
Affected:
10.6(1)
Affected: 10.5(1)SU1 Affected: 10.6(1)SU3 Affected: 12.0(1) Affected: 10.6(1)SU1 Affected: 11.0(1)SU1 Affected: 11.5(1)SU1 Affected: 10.5(1) Affected: 11.6(1) Affected: 11.6(2) Affected: 12.5(1) Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 Affected: 12.5(1)SU3 Affected: 12.5(1)_SU03_ES01 Affected: 12.5(1)_SU03_ES02 Affected: 12.5(1)_SU02_ES03 Affected: 12.5(1)_SU02_ES04 Affected: 12.5(1)_SU02_ES02 Affected: 12.5(1)_SU01_ES02 Affected: 12.5(1)_SU01_ES03 Affected: 12.5(1)_SU02_ES01 Affected: 11.6(2)ES07 Affected: 11.6(2)ES08 Affected: 12.5(1)_SU01_ES01 Affected: 12.0(1)ES04 Affected: 12.5(1)ES02 Affected: 12.5(1)ES03 Affected: 11.6(2)ES06 Affected: 12.5(1)ES01 Affected: 12.0(1)ES03 Affected: 12.0(1)ES01 Affected: 11.6(2)ES05 Affected: 12.0(1)ES02 Affected: 11.6(2)ES04 Affected: 11.6(2)ES03 Affected: 11.6(2)ES02 Affected: 11.6(2)ES01 Affected: 10.6(1)SU3ES03 Affected: 11.0(1)SU1ES03 Affected: 10.6(1)SU3ES01 Affected: 10.5(1)SU1ES10 Affected: 11.5(1)SU1ES03 Affected: 11.6(1)ES02 Affected: 11.5(1)ES01 Affected: 10.6(1)SU2 Affected: 10.6(1)SU2ES04 Affected: 11.6(1)ES01 Affected: 10.6(1)SU3ES02 Affected: 11.5(1)SU1ES02 Affected: 11.5(1)SU1ES01 Affected: 11.0(1)SU1ES02 Affected: 12.5(1)_SU03_ES03 Affected: 12.5(1)_SU03_ES04 Affected: 12.5(1)_SU03_ES05 Affected: 12.5(1)_SU03_ES06 |
|
| Cisco | Cisco Unified Intelligence Center |
Affected:
11.6(1)
Affected: 10.5(1) Affected: 11.0(1) Affected: 11.5(1) Affected: 12.0(1) Affected: 12.5(1) Affected: 11.0(2) Affected: 12.6(1) Affected: 12.5(1)SU Affected: 12.6(1)_ET Affected: 12.6(1)_ES05_ET Affected: 11.0(3) Affected: 12.6(2) Affected: 12.6(2)_504_Issue_ET Affected: 12.6.1_ExcelIssue_ET Affected: 12.6(2)_Permalink_ET Affected: 12.6.2_CSCwk19536_ET Affected: 12.6.2_CSCwm96922_ET Affected: 12.6.2_Amq_OOS_ET Affected: 12.5(2)ET_CSCwi79933 Affected: 12.6(2)_ET Affected: 12.6.2_CSCwn48501_ET |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20274",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-17T03:55:54.247665Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:50:31.824Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES04"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES05"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES06"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Intelligence Center",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "11.0(2)"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.5(1)SU"
},
{
"status": "affected",
"version": "12.6(1)_ET"
},
{
"status": "affected",
"version": "12.6(1)_ES05_ET"
},
{
"status": "affected",
"version": "11.0(3)"
},
{
"status": "affected",
"version": "12.6(2)"
},
{
"status": "affected",
"version": "12.6(2)_504_Issue_ET"
},
{
"status": "affected",
"version": "12.6.1_ExcelIssue_ET"
},
{
"status": "affected",
"version": "12.6(2)_Permalink_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwk19536_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwm96922_ET"
},
{
"status": "affected",
"version": "12.6.2_Amq_OOS_ET"
},
{
"status": "affected",
"version": "12.5(2)ET_CSCwi79933"
},
{
"status": "affected",
"version": "12.6(2)_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwn48501_ET"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an authenticated, remote attacker to upload arbitrary files to an affected device.\r\n\r\nThis vulnerability is due to improper validation of files that are uploaded to the web-based management interface. An attacker could exploit this vulnerability by uploading arbitrary files to an affected device. A successful exploit could allow the attacker to store malicious files on the system and execute arbitrary commands on the operating system. The Security Impact Rating (SIR) of this advisory has been raised to High because an attacker could elevate privileges to root. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Report Designer."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-16T16:16:28.874Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cuis-file-upload-UhNEtStm",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cuis-file-upload-UhNEtStm"
}
],
"source": {
"advisory": "cisco-sa-cuis-file-upload-UhNEtStm",
"defects": [
"CSCwn18794"
],
"discovery": "INTERNAL"
},
"title": "Cisco Unified Intelligence Center Arbitrary File Upload Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20274",
"datePublished": "2025-07-16T16:16:28.874Z",
"dateReserved": "2024-10-10T19:15:13.246Z",
"dateUpdated": "2026-02-26T17:50:31.824Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20278 (GCVE-0-2025-20278)
Vulnerability from cvelistv5 ā Published: 2025-06-04 16:18 ā Updated: 2026-02-26 17:51
VLAI
Title
Cisco Unified Communications Products Command Injection Vulnerability
Summary
A vulnerability in the CLI of multiple Cisco Unified Communications products could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user.
This vulnerability is due to improper validation of user-supplied command arguments. An attacker could exploit this vulnerability by executing crafted commands on the CLI of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user. To exploit this vulnerability, the attacker must have valid administrative credentials.
Severity
6 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
1 reference
Impacted products
8 products
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco Finesse |
Affected:
11.0(1)ES_Rollback
Affected: 10.5(1)ES4 Affected: 11.6(1)ES3 Affected: 11.0(1)ES2 Affected: 12.0(1)ES2 Affected: 10.5(1)ES3 Affected: 11.0(1) Affected: 11.6(1)FIPS Affected: 11.6(1)ES4 Affected: 11.0(1)ES3 Affected: 10.5(1)ES6 Affected: 11.0(1)ES7 Affected: 11.5(1)ES4 Affected: 10.5(1)ES8 Affected: 11.5(1) Affected: 11.6(1) Affected: 10.5(1)ES10 Affected: 11.6(1)ES2 Affected: 11.6(1)ES Affected: 11.0(1)ES6 Affected: 11.0(1)ES4 Affected: 12.0(1) Affected: 11.6(1)ES7 Affected: 10.5(1)ES7 Affected: 11.6(1)ES8 Affected: 11.5(1)ES1 Affected: 11.6(1)ES1 Affected: 11.5(1)ES5 Affected: 11.0(1)ES1 Affected: 10.5(1) Affected: 11.6(1)ES6 Affected: 10.5(1)ES2 Affected: 12.0(1)ES1 Affected: 11.0(1)ES5 Affected: 10.5(1)ES5 Affected: 11.5(1)ES3 Affected: 11.5(1)ES2 Affected: 10.5(1)ES9 Affected: 11.6(1)ES5 Affected: 11.6(1)ES9 Affected: 11.5(1)ES6 Affected: 10.5(1)ES1 Affected: 12.5(1) Affected: 12.0(1)ES3 Affected: 11.6(1)ES10 Affected: 12.5(1)ES1 Affected: 12.5(1)ES2 Affected: 12.0(1)ES4 Affected: 12.5(1)ES3 Affected: 12.0(1)ES5 Affected: 12.5(1)ES4 Affected: 12.0(1)ES6 Affected: 12.5(1)ES5 Affected: 12.5(1)ES6 Affected: 12.0(1)ES7 Affected: 12.6(1) Affected: 12.5(1)ES7 Affected: 11.6(1)ES11 Affected: 12.6(1)ES1 Affected: 12.0(1)ES8 Affected: 12.5(1)ES8 Affected: 12.6(1)ES2 Affected: 12.6(1)ES3 Affected: 12.6(1)ES4 Affected: 12.6(1)ES5 Affected: 12.5(2) Affected: 12.5(1)_SU Affected: 12.5(1)SU Affected: 12.6(1)ES6 Affected: 12.5(1)SU ES1 Affected: 12.6(1)ES7 Affected: 12.6(1)ES7_ET Affected: 12.6(2) Affected: 12.6(1)ES8 Affected: 12.6(1)ES9 Affected: 12.6(2)ES1 Affected: 12.6(1)ES10 Affected: 12.5(1)SU ES2 Affected: 12.6(1)ES11 Affected: 12.6(2)ES2 Affected: 12.6(2)ES3 Affected: 12.5(1)SU ES3 Affected: 12.6(2)ES4 Affected: 12.6(2)ES5 |
|
| Cisco | Cisco SocialMiner |
Affected:
12.5(1)ES01
Affected: 10.5(1) Affected: 11.6(1) Affected: 10.6(1) Affected: 12.0(1)ES04 Affected: 10.6(2) Affected: 12.5(1) Affected: 11.6(2) Affected: 12.0(1) Affected: 12.0(1)ES02 Affected: 11.0(1) Affected: 11.5(1) Affected: 11.5(1)SU1 Affected: 12.0(1)ES03 Affected: 12.5(1)SU3 Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 |
|
| Cisco | Cisco Unified Communications Manager |
Affected:
12.5(1)SU2
Affected: 12.5(1)SU1 Affected: 12.5(1) Affected: 12.5(1)SU3 Affected: 12.5(1)SU4 Affected: 14 Affected: 12.5(1)SU5 Affected: 14SU1 Affected: 12.5(1)SU6 Affected: 14SU2 Affected: 12.5(1)SU7 Affected: 12.5(1)SU7a Affected: 14SU3 Affected: 12.5(1)SU8 Affected: 12.5(1)SU8a Affected: 15 Affected: 15SU1 Affected: 14SU4 Affected: 14SU4a Affected: 15SU1a Affected: 12.5(1)SU9 |
|
| Cisco | Cisco Unified Communications Manager IM and Presence Service |
Affected:
12.5(1)
Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 Affected: 12.5(1)SU3 Affected: 12.5(1)SU4 Affected: 14 Affected: 12.5(1)SU5 Affected: 14SU1 Affected: 12.5(1)SU6 Affected: 14SU2 Affected: 14SU2a Affected: 12.5(1)SU7 Affected: 14SU3 Affected: 12.5(1)SU8 Affected: 15 Affected: Recovery ISO Affected: 15SU1 Affected: 14SU4 Affected: 12.5(1)SU9 |
|
| Cisco | Cisco Unified Contact Center Express |
Affected:
10.6(1)
Affected: 10.5(1)SU1 Affected: 10.6(1)SU3 Affected: 12.0(1) Affected: 10.0(1)SU1 Affected: 10.6(1)SU1 Affected: 11.0(1)SU1 Affected: 11.5(1)SU1 Affected: 10.5(1) Affected: 11.6(1) Affected: 11.6(2) Affected: 12.5(1) Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 Affected: 12.5(1)SU3 Affected: 12.5(1)_SU03_ES01 Affected: 12.5(1)_SU03_ES02 Affected: 12.5(1)_SU02_ES03 Affected: 12.5(1)_SU02_ES04 Affected: 12.5(1)_SU02_ES02 Affected: 12.5(1)_SU01_ES02 Affected: 12.5(1)_SU01_ES03 Affected: 12.5(1)_SU02_ES01 Affected: 11.6(2)ES07 Affected: 11.6(2)ES08 Affected: 12.5(1)_SU01_ES01 Affected: 12.0(1)ES04 Affected: 12.5(1)ES02 Affected: 12.5(1)ES03 Affected: 11.6(2)ES06 Affected: 12.5(1)ES01 Affected: 12.0(1)ES03 Affected: 12.0(1)ES01 Affected: 11.6(2)ES05 Affected: 12.0(1)ES02 Affected: 11.6(2)ES04 Affected: 11.6(2)ES03 Affected: 11.6(2)ES02 Affected: 11.6(2)ES01 Affected: 10.6(1)SU3ES03 Affected: 11.0(1)SU1ES03 Affected: 10.6(1)SU3ES01 Affected: 10.5(1)SU1ES10 Affected: 10.0(1)SU1ES04 Affected: 11.5(1)SU1ES03 Affected: 11.6(1)ES02 Affected: 11.5(1)ES01 Affected: 9.0(2)SU3ES04 Affected: 10.6(1)SU2 Affected: 10.6(1)SU2ES04 Affected: 11.6(1)ES01 Affected: 10.6(1)SU3ES02 Affected: 11.5(1)SU1ES02 Affected: 11.5(1)SU1ES01 Affected: 8.5(1) Affected: 11.0(1)SU1ES02 Affected: 12.5(1)_SU03_ES03 Affected: 12.5(1)_SU03_ES04 Affected: 12.5(1)_SU03_ES05 Affected: 12.5(1)_SU03_ES06 |
|
| Cisco | Cisco Unified Intelligence Center |
Affected:
11.6(1)
Affected: 10.5(1) Affected: 11.0(1) Affected: 11.5(1) Affected: 12.0(1) Affected: 12.5(1) Affected: 11.0(2) Affected: 12.6(1) Affected: 12.5(1)SU Affected: 12.6(1)_ET Affected: 12.6(1)_ES05_ET Affected: 11.0(3) Affected: 12.6(2) Affected: 12.6(2)_504_Issue_ET Affected: 12.6.1_ExcelIssue_ET Affected: 12.6(2)_Permalink_ET Affected: 12.6.2_CSCwk19536_ET Affected: 12.6.2_CSCwm96922_ET Affected: 12.6.2_Amq_OOS_ET Affected: 12.5(2)ET_CSCwi79933 Affected: 12.6(2)_ET Affected: 12.6.2_CSCwn48501_ET |
|
| Cisco | Cisco Unity Connection |
Affected:
12.5(1)
Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 Affected: 12.5(1)SU3 Affected: 12.5(1)SU4 Affected: 14 Affected: 12.5(1)SU5 Affected: 14SU1 Affected: 12.5(1)SU6 Affected: 14SU2 Affected: 12.5(1)SU7 Affected: 14SU3 Affected: 12.5(1)SU8 Affected: 14SU3a Affected: 12.5(1)SU8a Affected: 15 Affected: 15SU1 Affected: 14SU4 Affected: 12.5(1)SU9 |
|
| Cisco | Cisco Virtualized Voice Browser |
Affected:
11.0(1)
Affected: 11.6(1)_ES84 Affected: 11.5(1)_ES54 Affected: 11.5(1)_ES27 Affected: 11.5(1) Affected: 11.5(1)ES36 Affected: 12.0(1)_ES01 Affected: 11.6(1)_ES85 Affected: 12.5(1)_ES05 Affected: 11.5(1)_ES32 Affected: 11.6(1)_ES83 Affected: 11.5(1)_ES29 Affected: 12.0(1)_ES06 Affected: 12.5(1) Affected: 12.0(1)_ES07 Affected: 11.6(1)_ES80 Affected: 12.0(1)_ES05 Affected: 11.5(1)_ES36 Affected: 11.5(1)_ES53 Affected: 12.5(1)_ES08 Affected: 11.5(1)ES43 Affected: 12.0(1)_ES03 Affected: 11.6(1)_ES86 Affected: 12.0(1)_ES04 Affected: 11.5(1)ES27 Affected: 12.5(1)_ES03 Affected: 11.6(1)_ES88 Affected: 12.5(1)_ES06 Affected: 11.6(1)_ES82 Affected: 11.6(1) Affected: 11.5(1)ES29 Affected: 12.5(1)_ES04 Affected: 12.5(1)_ES07 Affected: 11.6(1)_ES87 Affected: 11.6(1)_ES81 Affected: 12.0(1) Affected: 11.6(1)_ES22 Affected: 11.5(1)_ES43 Affected: 11.5(1)ES32 Affected: 12.0(1)_ES02 Affected: 12.5(1)_ES02 Affected: 12.6(1) Affected: 12.5(1)_ES09 Affected: 12.6(1)_ES01 Affected: 12.0(1)_ES08 Affected: 12.5(1)_ES10 Affected: 12.6(1)_ES02 Affected: 12.5(1)_ES11 Affected: 12.5(1)_ES12 Affected: 12.6(1)_ES03 Affected: 12.5(1)_ES13 Affected: 12.5(1)_ES14 Affected: 12.6(1)_ES04 Affected: 12.6(1)_ES05 Affected: 12.5(1)_ES15 Affected: 12.6(1)_ES06 Affected: 12.6(1)_ET Affected: 12.5(1)_ES16 Affected: 12.5(1)SU Affected: 12.5(1)_SU Affected: 12.5(1)_SU_ES01 Affected: 12.6(1)_ES07 Affected: 12.6(2) Affected: 12.5(1)_ES17 Affected: 12.6(1)_ES08 Affected: 12.6(1)_ES09 Affected: 12.6(1)_ES10 Affected: 12.5(1)_SU_ES02 Affected: 12.6(2)_ES01 Affected: 12.6(2)_ET01 Affected: 12.5(2)_ET Affected: 12.6(2)_ES02 Affected: 12.6(2)_ET_Streaming Affected: 12.6(2)ET_Transcribe Affected: 12.6(2)_ES03 Affected: 12.6(2)ET_NuanceMix Affected: 12.6(2)ET_FileUpload Affected: 12.6(2)_ET02 Affected: 12.6(2)_ES04 Affected: 12.6.2ET_RTPfallback Affected: 12.6.2ET_CSCwf55306 Affected: 12.6.2_ET_CSCwj36712 Affected: 12.5.2 ET-CSCwj33374 Affected: 12.5(1) SU ET Affected: 12.6(2)ET_CSCwj87296 Affected: 12.6(2)_ES05 Affected: 12.5.2_ET_CSCvz27014 Affected: 12.6(2)_ET Affected: 12.6.2-ET Affected: 12.6(2)ET_CSCwk83135 Affected: 12.6.2_ET_CX_ALAW Affected: 12.6.2-ET01-SSL Affected: 12.6(2)_ES06 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20278",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-06T03:55:33.465322Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:51:08.371Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Finesse",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "11.0(1)ES_Rollback"
},
{
"status": "affected",
"version": "10.5(1)ES4"
},
{
"status": "affected",
"version": "11.6(1)ES3"
},
{
"status": "affected",
"version": "11.0(1)ES2"
},
{
"status": "affected",
"version": "12.0(1)ES2"
},
{
"status": "affected",
"version": "10.5(1)ES3"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.6(1)FIPS"
},
{
"status": "affected",
"version": "11.6(1)ES4"
},
{
"status": "affected",
"version": "11.0(1)ES3"
},
{
"status": "affected",
"version": "10.5(1)ES6"
},
{
"status": "affected",
"version": "11.0(1)ES7"
},
{
"status": "affected",
"version": "11.5(1)ES4"
},
{
"status": "affected",
"version": "10.5(1)ES8"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.5(1)ES10"
},
{
"status": "affected",
"version": "11.6(1)ES2"
},
{
"status": "affected",
"version": "11.6(1)ES"
},
{
"status": "affected",
"version": "11.0(1)ES6"
},
{
"status": "affected",
"version": "11.0(1)ES4"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "11.6(1)ES7"
},
{
"status": "affected",
"version": "10.5(1)ES7"
},
{
"status": "affected",
"version": "11.6(1)ES8"
},
{
"status": "affected",
"version": "11.5(1)ES1"
},
{
"status": "affected",
"version": "11.6(1)ES1"
},
{
"status": "affected",
"version": "11.5(1)ES5"
},
{
"status": "affected",
"version": "11.0(1)ES1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.6(1)ES6"
},
{
"status": "affected",
"version": "10.5(1)ES2"
},
{
"status": "affected",
"version": "12.0(1)ES1"
},
{
"status": "affected",
"version": "11.0(1)ES5"
},
{
"status": "affected",
"version": "10.5(1)ES5"
},
{
"status": "affected",
"version": "11.5(1)ES3"
},
{
"status": "affected",
"version": "11.5(1)ES2"
},
{
"status": "affected",
"version": "10.5(1)ES9"
},
{
"status": "affected",
"version": "11.6(1)ES5"
},
{
"status": "affected",
"version": "11.6(1)ES9"
},
{
"status": "affected",
"version": "11.5(1)ES6"
},
{
"status": "affected",
"version": "10.5(1)ES1"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.0(1)ES3"
},
{
"status": "affected",
"version": "11.6(1)ES10"
},
{
"status": "affected",
"version": "12.5(1)ES1"
},
{
"status": "affected",
"version": "12.5(1)ES2"
},
{
"status": "affected",
"version": "12.0(1)ES4"
},
{
"status": "affected",
"version": "12.5(1)ES3"
},
{
"status": "affected",
"version": "12.0(1)ES5"
},
{
"status": "affected",
"version": "12.5(1)ES4"
},
{
"status": "affected",
"version": "12.0(1)ES6"
},
{
"status": "affected",
"version": "12.5(1)ES5"
},
{
"status": "affected",
"version": "12.5(1)ES6"
},
{
"status": "affected",
"version": "12.0(1)ES7"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.5(1)ES7"
},
{
"status": "affected",
"version": "11.6(1)ES11"
},
{
"status": "affected",
"version": "12.6(1)ES1"
},
{
"status": "affected",
"version": "12.0(1)ES8"
},
{
"status": "affected",
"version": "12.5(1)ES8"
},
{
"status": "affected",
"version": "12.6(1)ES2"
},
{
"status": "affected",
"version": "12.6(1)ES3"
},
{
"status": "affected",
"version": "12.6(1)ES4"
},
{
"status": "affected",
"version": "12.6(1)ES5"
},
{
"status": "affected",
"version": "12.5(2)"
},
{
"status": "affected",
"version": "12.5(1)_SU"
},
{
"status": "affected",
"version": "12.5(1)SU"
},
{
"status": "affected",
"version": "12.6(1)ES6"
},
{
"status": "affected",
"version": "12.5(1)SU ES1"
},
{
"status": "affected",
"version": "12.6(1)ES7"
},
{
"status": "affected",
"version": "12.6(1)ES7_ET"
},
{
"status": "affected",
"version": "12.6(2)"
},
{
"status": "affected",
"version": "12.6(1)ES8"
},
{
"status": "affected",
"version": "12.6(1)ES9"
},
{
"status": "affected",
"version": "12.6(2)ES1"
},
{
"status": "affected",
"version": "12.6(1)ES10"
},
{
"status": "affected",
"version": "12.5(1)SU ES2"
},
{
"status": "affected",
"version": "12.6(1)ES11"
},
{
"status": "affected",
"version": "12.6(2)ES2"
},
{
"status": "affected",
"version": "12.6(2)ES3"
},
{
"status": "affected",
"version": "12.5(1)SU ES3"
},
{
"status": "affected",
"version": "12.6(2)ES4"
},
{
"status": "affected",
"version": "12.6(2)ES5"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco SocialMiner",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "10.6(2)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Communications Manager",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)SU4"
},
{
"status": "affected",
"version": "14"
},
{
"status": "affected",
"version": "12.5(1)SU5"
},
{
"status": "affected",
"version": "14SU1"
},
{
"status": "affected",
"version": "12.5(1)SU6"
},
{
"status": "affected",
"version": "14SU2"
},
{
"status": "affected",
"version": "12.5(1)SU7"
},
{
"status": "affected",
"version": "12.5(1)SU7a"
},
{
"status": "affected",
"version": "14SU3"
},
{
"status": "affected",
"version": "12.5(1)SU8"
},
{
"status": "affected",
"version": "12.5(1)SU8a"
},
{
"status": "affected",
"version": "15"
},
{
"status": "affected",
"version": "15SU1"
},
{
"status": "affected",
"version": "14SU4"
},
{
"status": "affected",
"version": "14SU4a"
},
{
"status": "affected",
"version": "15SU1a"
},
{
"status": "affected",
"version": "12.5(1)SU9"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Communications Manager IM and Presence Service",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)SU4"
},
{
"status": "affected",
"version": "14"
},
{
"status": "affected",
"version": "12.5(1)SU5"
},
{
"status": "affected",
"version": "14SU1"
},
{
"status": "affected",
"version": "12.5(1)SU6"
},
{
"status": "affected",
"version": "14SU2"
},
{
"status": "affected",
"version": "14SU2a"
},
{
"status": "affected",
"version": "12.5(1)SU7"
},
{
"status": "affected",
"version": "14SU3"
},
{
"status": "affected",
"version": "12.5(1)SU8"
},
{
"status": "affected",
"version": "15"
},
{
"status": "affected",
"version": "Recovery ISO"
},
{
"status": "affected",
"version": "15SU1"
},
{
"status": "affected",
"version": "14SU4"
},
{
"status": "affected",
"version": "12.5(1)SU9"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "10.0(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES04"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "10.0(1)SU1ES04"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "9.0(2)SU3ES04"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "8.5(1)"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES05"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES06"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Intelligence Center",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "11.0(2)"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.5(1)SU"
},
{
"status": "affected",
"version": "12.6(1)_ET"
},
{
"status": "affected",
"version": "12.6(1)_ES05_ET"
},
{
"status": "affected",
"version": "11.0(3)"
},
{
"status": "affected",
"version": "12.6(2)"
},
{
"status": "affected",
"version": "12.6(2)_504_Issue_ET"
},
{
"status": "affected",
"version": "12.6.1_ExcelIssue_ET"
},
{
"status": "affected",
"version": "12.6(2)_Permalink_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwk19536_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwm96922_ET"
},
{
"status": "affected",
"version": "12.6.2_Amq_OOS_ET"
},
{
"status": "affected",
"version": "12.5(2)ET_CSCwi79933"
},
{
"status": "affected",
"version": "12.6(2)_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwn48501_ET"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unity Connection",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)SU4"
},
{
"status": "affected",
"version": "14"
},
{
"status": "affected",
"version": "12.5(1)SU5"
},
{
"status": "affected",
"version": "14SU1"
},
{
"status": "affected",
"version": "12.5(1)SU6"
},
{
"status": "affected",
"version": "14SU2"
},
{
"status": "affected",
"version": "12.5(1)SU7"
},
{
"status": "affected",
"version": "14SU3"
},
{
"status": "affected",
"version": "12.5(1)SU8"
},
{
"status": "affected",
"version": "14SU3a"
},
{
"status": "affected",
"version": "12.5(1)SU8a"
},
{
"status": "affected",
"version": "15"
},
{
"status": "affected",
"version": "15SU1"
},
{
"status": "affected",
"version": "14SU4"
},
{
"status": "affected",
"version": "12.5(1)SU9"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Virtualized Voice Browser",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.6(1)_ES84"
},
{
"status": "affected",
"version": "11.5(1)_ES54"
},
{
"status": "affected",
"version": "11.5(1)_ES27"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "11.5(1)ES36"
},
{
"status": "affected",
"version": "12.0(1)_ES01"
},
{
"status": "affected",
"version": "11.6(1)_ES85"
},
{
"status": "affected",
"version": "12.5(1)_ES05"
},
{
"status": "affected",
"version": "11.5(1)_ES32"
},
{
"status": "affected",
"version": "11.6(1)_ES83"
},
{
"status": "affected",
"version": "11.5(1)_ES29"
},
{
"status": "affected",
"version": "12.0(1)_ES06"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.0(1)_ES07"
},
{
"status": "affected",
"version": "11.6(1)_ES80"
},
{
"status": "affected",
"version": "12.0(1)_ES05"
},
{
"status": "affected",
"version": "11.5(1)_ES36"
},
{
"status": "affected",
"version": "11.5(1)_ES53"
},
{
"status": "affected",
"version": "12.5(1)_ES08"
},
{
"status": "affected",
"version": "11.5(1)ES43"
},
{
"status": "affected",
"version": "12.0(1)_ES03"
},
{
"status": "affected",
"version": "11.6(1)_ES86"
},
{
"status": "affected",
"version": "12.0(1)_ES04"
},
{
"status": "affected",
"version": "11.5(1)ES27"
},
{
"status": "affected",
"version": "12.5(1)_ES03"
},
{
"status": "affected",
"version": "11.6(1)_ES88"
},
{
"status": "affected",
"version": "12.5(1)_ES06"
},
{
"status": "affected",
"version": "11.6(1)_ES82"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "11.5(1)ES29"
},
{
"status": "affected",
"version": "12.5(1)_ES04"
},
{
"status": "affected",
"version": "12.5(1)_ES07"
},
{
"status": "affected",
"version": "11.6(1)_ES87"
},
{
"status": "affected",
"version": "11.6(1)_ES81"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "11.6(1)_ES22"
},
{
"status": "affected",
"version": "11.5(1)_ES43"
},
{
"status": "affected",
"version": "11.5(1)ES32"
},
{
"status": "affected",
"version": "12.0(1)_ES02"
},
{
"status": "affected",
"version": "12.5(1)_ES02"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.5(1)_ES09"
},
{
"status": "affected",
"version": "12.6(1)_ES01"
},
{
"status": "affected",
"version": "12.0(1)_ES08"
},
{
"status": "affected",
"version": "12.5(1)_ES10"
},
{
"status": "affected",
"version": "12.6(1)_ES02"
},
{
"status": "affected",
"version": "12.5(1)_ES11"
},
{
"status": "affected",
"version": "12.5(1)_ES12"
},
{
"status": "affected",
"version": "12.6(1)_ES03"
},
{
"status": "affected",
"version": "12.5(1)_ES13"
},
{
"status": "affected",
"version": "12.5(1)_ES14"
},
{
"status": "affected",
"version": "12.6(1)_ES04"
},
{
"status": "affected",
"version": "12.6(1)_ES05"
},
{
"status": "affected",
"version": "12.5(1)_ES15"
},
{
"status": "affected",
"version": "12.6(1)_ES06"
},
{
"status": "affected",
"version": "12.6(1)_ET"
},
{
"status": "affected",
"version": "12.5(1)_ES16"
},
{
"status": "affected",
"version": "12.5(1)SU"
},
{
"status": "affected",
"version": "12.5(1)_SU"
},
{
"status": "affected",
"version": "12.5(1)_SU_ES01"
},
{
"status": "affected",
"version": "12.6(1)_ES07"
},
{
"status": "affected",
"version": "12.6(2)"
},
{
"status": "affected",
"version": "12.5(1)_ES17"
},
{
"status": "affected",
"version": "12.6(1)_ES08"
},
{
"status": "affected",
"version": "12.6(1)_ES09"
},
{
"status": "affected",
"version": "12.6(1)_ES10"
},
{
"status": "affected",
"version": "12.5(1)_SU_ES02"
},
{
"status": "affected",
"version": "12.6(2)_ES01"
},
{
"status": "affected",
"version": "12.6(2)_ET01"
},
{
"status": "affected",
"version": "12.5(2)_ET"
},
{
"status": "affected",
"version": "12.6(2)_ES02"
},
{
"status": "affected",
"version": "12.6(2)_ET_Streaming"
},
{
"status": "affected",
"version": "12.6(2)ET_Transcribe"
},
{
"status": "affected",
"version": "12.6(2)_ES03"
},
{
"status": "affected",
"version": "12.6(2)ET_NuanceMix"
},
{
"status": "affected",
"version": "12.6(2)ET_FileUpload"
},
{
"status": "affected",
"version": "12.6(2)_ET02"
},
{
"status": "affected",
"version": "12.6(2)_ES04"
},
{
"status": "affected",
"version": "12.6.2ET_RTPfallback"
},
{
"status": "affected",
"version": "12.6.2ET_CSCwf55306"
},
{
"status": "affected",
"version": "12.6.2_ET_CSCwj36712"
},
{
"status": "affected",
"version": "12.5.2 ET-CSCwj33374"
},
{
"status": "affected",
"version": "12.5(1) SU ET"
},
{
"status": "affected",
"version": "12.6(2)ET_CSCwj87296"
},
{
"status": "affected",
"version": "12.6(2)_ES05"
},
{
"status": "affected",
"version": "12.5.2_ET_CSCvz27014"
},
{
"status": "affected",
"version": "12.6(2)_ET"
},
{
"status": "affected",
"version": "12.6.2-ET"
},
{
"status": "affected",
"version": "12.6(2)ET_CSCwk83135"
},
{
"status": "affected",
"version": "12.6.2_ET_CX_ALAW"
},
{
"status": "affected",
"version": "12.6.2-ET01-SSL"
},
{
"status": "affected",
"version": "12.6(2)_ES06"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of multiple Cisco Unified Communications products could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user.\r\n\r\nThis vulnerability is due to improper validation of user-supplied command arguments. An attacker could exploit this vulnerability by executing crafted commands on the CLI of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user. To exploit this vulnerability, the attacker must have valid administrative credentials."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T16:18:20.661Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-vos-command-inject-65s2UCYy",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vos-command-inject-65s2UCYy"
}
],
"source": {
"advisory": "cisco-sa-vos-command-inject-65s2UCYy",
"defects": [
"CSCwk24029"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Unified Communications Products Command Injection Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20278",
"datePublished": "2025-06-04T16:18:20.661Z",
"dateReserved": "2024-10-10T19:15:13.246Z",
"dateUpdated": "2026-02-26T17:51:08.371Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20279 (GCVE-0-2025-20279)
Vulnerability from cvelistv5 ā Published: 2025-06-04 16:18 ā Updated: 2025-06-04 18:19
VLAI
Title
Cisco Unifed Contact Center Express Stored Cross-Site Scripting Vulnerability
Summary
A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, remote attacker to conduct a stored XSS attack on an affected system. To exploit this vulnerability, the attacker must have valid administrative credentials.
This vulnerability is due to improper sanitization of user input to the web-based management interface. An attacker could exploit this vulnerability by submitting a malicious script through the interface. A successful exploit could allow the attacker to conduct a stored XSS attack on the affected system.
Severity
4.8 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco Unified Contact Center Express |
Affected:
10.6(1)
Affected: 10.5(1)SU1 Affected: 10.6(1)SU3 Affected: 12.0(1) Affected: 10.0(1)SU1 Affected: 10.6(1)SU1 Affected: 11.0(1)SU1 Affected: 11.5(1)SU1 Affected: 10.5(1) Affected: 11.6(1) Affected: 11.6(2) Affected: 12.5(1) Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 Affected: 12.5(1)SU3 Affected: 12.5(1)_SU03_ES01 Affected: 12.5(1)_SU03_ES02 Affected: 12.5(1)_SU02_ES03 Affected: 12.5(1)_SU02_ES04 Affected: 12.5(1)_SU02_ES02 Affected: 12.5(1)_SU01_ES02 Affected: 12.5(1)_SU01_ES03 Affected: 12.5(1)_SU02_ES01 Affected: 11.6(2)ES07 Affected: 11.6(2)ES08 Affected: 12.5(1)_SU01_ES01 Affected: 12.0(1)ES04 Affected: 12.5(1)ES02 Affected: 12.5(1)ES03 Affected: 11.6(2)ES06 Affected: 12.5(1)ES01 Affected: 12.0(1)ES03 Affected: 12.0(1)ES01 Affected: 11.6(2)ES05 Affected: 12.0(1)ES02 Affected: 11.6(2)ES04 Affected: 11.6(2)ES03 Affected: 11.6(2)ES02 Affected: 11.6(2)ES01 Affected: 10.6(1)SU3ES03 Affected: 11.0(1)SU1ES03 Affected: 10.6(1)SU3ES01 Affected: 10.5(1)SU1ES10 Affected: 10.0(1)SU1ES04 Affected: 11.5(1)SU1ES03 Affected: 11.6(1)ES02 Affected: 11.5(1)ES01 Affected: 9.0(2)SU3ES04 Affected: 10.6(1)SU2 Affected: 10.6(1)SU2ES04 Affected: 11.6(1)ES01 Affected: 10.6(1)SU3ES02 Affected: 11.5(1)SU1ES02 Affected: 11.5(1)SU1ES01 Affected: 8.5(1) Affected: 11.0(1)SU1ES02 Affected: 12.5(1)_SU03_ES03 Affected: 12.5(1)_SU03_ES04 Affected: 12.5(1)_SU03_ES05 Affected: 12.5(1)_SU03_ES06 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20279",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-04T18:12:43.136839Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T18:19:30.697Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "10.0(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES04"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "10.0(1)SU1ES04"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "9.0(2)SU3ES04"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "8.5(1)"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES05"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES06"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, remote attacker to conduct a stored XSS attack on an affected system. To exploit this vulnerability, the attacker must have valid administrative credentials.\r\n\r\nThis vulnerability is due to improper sanitization of user input to the web-based management interface. An attacker could exploit this vulnerability by submitting a malicious script through the interface. A successful exploit could allow the attacker to conduct a stored XSS attack on the affected system."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T16:18:20.643Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-uccx-multi-UhOTvPGL",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-uccx-multi-UhOTvPGL"
}
],
"source": {
"advisory": "cisco-sa-uccx-multi-UhOTvPGL",
"defects": [
"CSCwk24130"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Unifed Contact Center Express Stored Cross-Site Scripting Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20279",
"datePublished": "2025-06-04T16:18:20.643Z",
"dateReserved": "2024-10-10T19:15:13.246Z",
"dateUpdated": "2025-06-04T18:19:30.697Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20277 (GCVE-0-2025-20277)
Vulnerability from cvelistv5 ā Published: 2025-06-04 16:18 ā Updated: 2026-02-26 18:27
VLAI
Title
Cisco Unified Contact Center Express Path Traversal Vulnerability
Summary
A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, local attacker to execute arbitrary code on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials.
This vulnerability is due to improper limitation of a pathname to a restricted directory (path traversal). An attacker could exploit this vulnerability by sending a crafted web request to an affected device, followed by a specific command through an SSH session. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of an affected device as a low-privilege user. A successful exploit could also allow the attacker to undertake further actions to elevate their privileges to root.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco Unified Contact Center Express |
Affected:
10.6(1)
Affected: 10.5(1)SU1 Affected: 10.6(1)SU3 Affected: 12.0(1) Affected: 10.0(1)SU1 Affected: 10.6(1)SU1 Affected: 11.0(1)SU1 Affected: 11.5(1)SU1 Affected: 10.5(1) Affected: 11.6(1) Affected: 11.6(2) Affected: 12.5(1) Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 Affected: 12.5(1)SU3 Affected: 12.5(1)_SU03_ES01 Affected: 12.5(1)_SU03_ES02 Affected: 12.5(1)_SU02_ES03 Affected: 12.5(1)_SU02_ES04 Affected: 12.5(1)_SU02_ES02 Affected: 12.5(1)_SU01_ES02 Affected: 12.5(1)_SU01_ES03 Affected: 12.5(1)_SU02_ES01 Affected: 11.6(2)ES07 Affected: 11.6(2)ES08 Affected: 12.5(1)_SU01_ES01 Affected: 12.0(1)ES04 Affected: 12.5(1)ES02 Affected: 12.5(1)ES03 Affected: 11.6(2)ES06 Affected: 12.5(1)ES01 Affected: 12.0(1)ES03 Affected: 12.0(1)ES01 Affected: 11.6(2)ES05 Affected: 12.0(1)ES02 Affected: 11.6(2)ES04 Affected: 11.6(2)ES03 Affected: 11.6(2)ES02 Affected: 11.6(2)ES01 Affected: 10.6(1)SU3ES03 Affected: 11.0(1)SU1ES03 Affected: 10.6(1)SU3ES01 Affected: 10.5(1)SU1ES10 Affected: 10.0(1)SU1ES04 Affected: 11.5(1)SU1ES03 Affected: 11.6(1)ES02 Affected: 11.5(1)ES01 Affected: 9.0(2)SU3ES04 Affected: 10.6(1)SU2 Affected: 10.6(1)SU2ES04 Affected: 11.6(1)ES01 Affected: 10.6(1)SU3ES02 Affected: 11.5(1)SU1ES02 Affected: 11.5(1)SU1ES01 Affected: 8.5(1) Affected: 11.0(1)SU1ES02 Affected: 12.5(1)_SU03_ES03 Affected: 12.5(1)_SU03_ES04 Affected: 12.5(1)_SU03_ES05 Affected: 12.5(1)_SU03_ES06 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20277",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-05T03:55:23.589420Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T18:27:35.377Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "10.0(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES04"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "10.0(1)SU1ES04"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "9.0(2)SU3ES04"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "8.5(1)"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES05"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES06"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, local attacker to execute arbitrary code on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials.\r\n\r\nThis vulnerability is due to improper limitation of a pathname to a restricted directory (path traversal). An attacker could exploit this vulnerability by sending a crafted web request to an affected device, followed by a specific command through an SSH session. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of an affected device as a low-privilege user. A successful exploit could also allow the attacker to undertake further actions to elevate their privileges to root."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.4,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T16:18:12.612Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-uccx-multi-UhOTvPGL",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-uccx-multi-UhOTvPGL"
}
],
"source": {
"advisory": "cisco-sa-uccx-multi-UhOTvPGL",
"defects": [
"CSCwk24068"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Unified Contact Center Express Path Traversal Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20277",
"datePublished": "2025-06-04T16:18:12.612Z",
"dateReserved": "2024-10-10T19:15:13.246Z",
"dateUpdated": "2026-02-26T18:27:35.377Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-20276 (GCVE-0-2025-20276)
Vulnerability from cvelistv5 ā Published: 2025-06-04 16:18 ā Updated: 2026-02-26 18:27
VLAI
Title
Cisco Unified Contact Center Express Remote Code Execution Vulnerability
Summary
A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, remote attacker to execute arbitrary code on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials.
This vulnerability is due to insecure deserialization of Java objects by the affected software. An attacker could exploit this vulnerability by sending a crafted Java object to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of an affected device as a low-privilege user. A successful exploit could also allow the attacker to undertake further actions to elevate their privileges to root.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco Unified Contact Center Express |
Affected:
10.6(1)
Affected: 10.5(1)SU1 Affected: 10.6(1)SU3 Affected: 12.0(1) Affected: 10.0(1)SU1 Affected: 10.6(1)SU1 Affected: 11.0(1)SU1 Affected: 11.5(1)SU1 Affected: 10.5(1) Affected: 11.6(1) Affected: 11.6(2) Affected: 12.5(1) Affected: 12.5(1)SU1 Affected: 12.5(1)SU2 Affected: 12.5(1)SU3 Affected: 12.5(1)_SU03_ES01 Affected: 12.5(1)_SU03_ES02 Affected: 12.5(1)_SU02_ES03 Affected: 12.5(1)_SU02_ES04 Affected: 12.5(1)_SU02_ES02 Affected: 12.5(1)_SU01_ES02 Affected: 12.5(1)_SU01_ES03 Affected: 12.5(1)_SU02_ES01 Affected: 11.6(2)ES07 Affected: 11.6(2)ES08 Affected: 12.5(1)_SU01_ES01 Affected: 12.0(1)ES04 Affected: 12.5(1)ES02 Affected: 12.5(1)ES03 Affected: 11.6(2)ES06 Affected: 12.5(1)ES01 Affected: 12.0(1)ES03 Affected: 12.0(1)ES01 Affected: 11.6(2)ES05 Affected: 12.0(1)ES02 Affected: 11.6(2)ES04 Affected: 11.6(2)ES03 Affected: 11.6(2)ES02 Affected: 11.6(2)ES01 Affected: 10.6(1)SU3ES03 Affected: 11.0(1)SU1ES03 Affected: 10.6(1)SU3ES01 Affected: 10.5(1)SU1ES10 Affected: 10.0(1)SU1ES04 Affected: 11.5(1)SU1ES03 Affected: 11.6(1)ES02 Affected: 11.5(1)ES01 Affected: 9.0(2)SU3ES04 Affected: 10.6(1)SU2 Affected: 10.6(1)SU2ES04 Affected: 11.6(1)ES01 Affected: 10.6(1)SU3ES02 Affected: 11.5(1)SU1ES02 Affected: 11.5(1)SU1ES01 Affected: 8.5(1) Affected: 11.0(1)SU1ES02 Affected: 12.5(1)_SU03_ES03 Affected: 12.5(1)_SU03_ES04 Affected: 12.5(1)_SU03_ES05 Affected: 12.5(1)_SU03_ES06 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20276",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-05T03:55:28.044029Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T18:27:35.729Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "10.0(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES04"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "10.0(1)SU1ES04"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "9.0(2)SU3ES04"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "8.5(1)"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES05"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES06"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, remote attacker to execute arbitrary code on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials.\u0026nbsp;\r\n\r\nThis vulnerability is due to insecure deserialization of Java objects by the affected software. An attacker could exploit this vulnerability by sending a crafted Java object to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of an affected device as a low-privilege user. A successful exploit could also allow the attacker to undertake further actions to elevate their privileges to root."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "Deserialization of Untrusted Data",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T16:18:04.091Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-uccx-multi-UhOTvPGL",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-uccx-multi-UhOTvPGL"
}
],
"source": {
"advisory": "cisco-sa-uccx-multi-UhOTvPGL",
"defects": [
"CSCwk24108"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Unified Contact Center Express Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20276",
"datePublished": "2025-06-04T16:18:04.091Z",
"dateReserved": "2024-10-10T19:15:13.246Z",
"dateUpdated": "2026-02-26T18:27:35.729Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}