CVE-2025-20377

Summary

A vulnerability in the API subsystem of Cisco Unified Intelligence Center could allow an authenticated, remote attacker to obtain sensitive information from an affected system.

This vulnerability is due to improper validation of requests to certain API endpoints. An attacker could exploit this vulnerability by sending a valid request to a specific API endpoint within the affected system. A successful exploit could allow a low-privileged user to view sensitive information on the affected system that should be restricted. To exploit this vulnerability, the attacker must have valid user credentials on the affected system.

Affected Software

VendorProductVersion RangeStatus
CiscoCisco Packaged Contact Center Enterprise12.5(1)affected
CiscoCisco Packaged Contact Center Enterprise11.0(1)affected
CiscoCisco Packaged Contact Center Enterprise12.0(1)affected
CiscoCisco Packaged Contact Center Enterprise11.0(2)affected
CiscoCisco Packaged Contact Center Enterprise11.5(1)affected
CiscoCisco Packaged Contact Center Enterprise10.5(1)affected
CiscoCisco Packaged Contact Center Enterprise10.5(2)affected
CiscoCisco Packaged Contact Center Enterprise11.6(2)affected
CiscoCisco Packaged Contact Center Enterprise10.5(1)_ES7affected
CiscoCisco Packaged Contact Center Enterprise11.6(1)affected
CiscoCisco Packaged Contact Center Enterprise10.5(2)_ES8affected
CiscoCisco Packaged Contact Center Enterprise12.6(1)affected
CiscoCisco Packaged Contact Center Enterprise12.5(2)affected
CiscoCisco Packaged Contact Center Enterprise12.6(2)affected
CiscoCisco Packaged Contact Center Enterprise15.0(1)affected
CiscoCisco Unified Contact Center Enterprise12.6(1)ES3affected
CiscoCisco Unified Contact Center Enterprise12.6(1)ES1affected
CiscoCisco Unified Contact Center Enterprise12.6(1)affected
CiscoCisco Unified Contact Center Enterprise12.6(1)ES2affected
CiscoCisco Unified Contact Center Enterprise12.6(1)SecurityPatchaffected
CiscoCisco Unified Contact Center Enterprise12.5(1)ES1affected
CiscoCisco Unified Contact Center Enterprise12.5(1)affected
CiscoCisco Unified Contact Center Enterprise12.6(1)ES4affected
CiscoCisco Unified Contact Center Enterprise11.0(1)affected
CiscoCisco Unified Contact Center Enterprise10.5(1)affected
CiscoCisco Unified Contact Center Enterprise12.0(1)affected
CiscoCisco Unified Contact Center Enterprise10.5affected
CiscoCisco Unified Contact Center Enterprise11.0affected
CiscoCisco Unified Contact Center Enterprise11.5affected
CiscoCisco Unified Contact Center Enterprise12.6(2)affected
CiscoCisco Unified Contact Center Enterprise12.6(2)ES1affected
CiscoCisco Unified Contact Center Enterprise12.6(2)ES2affected
CiscoCisco Unified Contact Center Enterprise15.0(1)affected
CiscoCisco Unified Contact Center Enterprise12.6(2)ES3affected
CiscoCisco Unified Contact Center Enterprise15.0(1)ET01affected
CiscoCisco Unified Contact Center Enterprise15.0(1)_SP1affected
CiscoCisco Unified Contact Center Express10.5(1)SU1affected
CiscoCisco Unified Contact Center Express10.6(1)affected
CiscoCisco Unified Contact Center Express11.6(1)affected
CiscoCisco Unified Contact Center Express10.6(1)SU1affected
CiscoCisco Unified Contact Center Express10.6(1)SU3affected
CiscoCisco Unified Contact Center Express11.6(2)affected
CiscoCisco Unified Contact Center Express12.0(1)affected
CiscoCisco Unified Contact Center Express11.0(1)SU1affected
CiscoCisco Unified Contact Center Express11.5(1)SU1affected
CiscoCisco Unified Contact Center Express10.5(1)affected
CiscoCisco Unified Contact Center Express12.5(1)affected
CiscoCisco Unified Contact Center Express12.5(1)SU1affected
CiscoCisco Unified Contact Center Express12.5(1)SU2affected
CiscoCisco Unified Contact Center Express12.5(1)SU3affected
CiscoCisco Unified Contact Center Express12.5(1)_SU03_ES01affected
CiscoCisco Unified Contact Center Express12.5(1)_SU03_ES02affected
CiscoCisco Unified Contact Center Express12.5(1)_SU02_ES03affected
CiscoCisco Unified Contact Center Express12.5(1)_SU02_ES04affected
CiscoCisco Unified Contact Center Express12.5(1)_SU02_ES02affected
CiscoCisco Unified Contact Center Express12.5(1)_SU01_ES02affected
CiscoCisco Unified Contact Center Express12.5(1)_SU01_ES03affected
CiscoCisco Unified Contact Center Express12.5(1)_SU02_ES01affected
CiscoCisco Unified Contact Center Express11.6(2)ES07affected
CiscoCisco Unified Contact Center Express11.6(2)ES08affected
CiscoCisco Unified Contact Center Express12.5(1)_SU01_ES01affected
CiscoCisco Unified Contact Center Express12.0(1)ES04affected
CiscoCisco Unified Contact Center Express12.5(1)ES02affected
CiscoCisco Unified Contact Center Express12.5(1)ES03affected
CiscoCisco Unified Contact Center Express11.6(2)ES06affected
CiscoCisco Unified Contact Center Express12.5(1)ES01affected
CiscoCisco Unified Contact Center Express12.0(1)ES03affected
CiscoCisco Unified Contact Center Express12.0(1)ES01affected
CiscoCisco Unified Contact Center Express11.6(2)ES05affected
CiscoCisco Unified Contact Center Express12.0(1)ES02affected
CiscoCisco Unified Contact Center Express11.6(2)ES04affected
CiscoCisco Unified Contact Center Express11.6(2)ES03affected
CiscoCisco Unified Contact Center Express11.6(2)ES02affected
CiscoCisco Unified Contact Center Express11.6(2)ES01affected
CiscoCisco Unified Contact Center Express10.6(1)SU3ES03affected
CiscoCisco Unified Contact Center Express11.0(1)SU1ES03affected
CiscoCisco Unified Contact Center Express10.6(1)SU3ES01affected
CiscoCisco Unified Contact Center Express10.5(1)SU1ES10affected
CiscoCisco Unified Contact Center Express11.5(1)SU1ES03affected
CiscoCisco Unified Contact Center Express11.6(1)ES02affected
CiscoCisco Unified Contact Center Express11.5(1)ES01affected
CiscoCisco Unified Contact Center Express10.6(1)SU2affected
CiscoCisco Unified Contact Center Express10.6(1)SU2ES04affected
CiscoCisco Unified Contact Center Express11.6(1)ES01affected
CiscoCisco Unified Contact Center Express10.6(1)SU3ES02affected
CiscoCisco Unified Contact Center Express11.5(1)SU1ES02affected
CiscoCisco Unified Contact Center Express11.5(1)SU1ES01affected
CiscoCisco Unified Contact Center Express11.0(1)SU1ES02affected
CiscoCisco Unified Contact Center Express12.5(1)_SU03_ES03affected
CiscoCisco Unified Contact Center Express12.5(1)_SU03_ES04affected
CiscoCisco Unified Contact Center Express12.5(1)_SU03_ES05affected
CiscoCisco Unified Contact Center ExpressUCCX 15.0.1affected
CiscoCisco Unified Contact Center Express12.5(1)_SU03_ES06affected
CiscoCisco Unified Intelligence Center11.6(1)affected
CiscoCisco Unified Intelligence Center10.5(1)affected
CiscoCisco Unified Intelligence Center11.0(1)affected
CiscoCisco Unified Intelligence Center11.5(1)affected
CiscoCisco Unified Intelligence Center12.0(1)affected
CiscoCisco Unified Intelligence Center12.5(1)affected
CiscoCisco Unified Intelligence Center11.0(2)affected
CiscoCisco Unified Intelligence Center12.6(1)affected
CiscoCisco Unified Intelligence Center12.5(1)SUaffected
CiscoCisco Unified Intelligence Center12.6(1)_ETaffected
CiscoCisco Unified Intelligence Center12.6(1)_ES05_ETaffected
CiscoCisco Unified Intelligence Center11.0(3)affected
CiscoCisco Unified Intelligence Center12.6(2)affected
CiscoCisco Unified Intelligence Center12.6(2)_504_Issue_ETaffected
CiscoCisco Unified Intelligence Center12.6.1_ExcelIssue_ETaffected
CiscoCisco Unified Intelligence Center12.6(2)_Permalink_ETaffected
CiscoCisco Unified Intelligence Center12.6.2_CSCwk19536_ETaffected
CiscoCisco Unified Intelligence Center12.6.2_CSCwm96922_ETaffected
CiscoCisco Unified Intelligence Center12.6.2_Amq_OOS_ETaffected
CiscoCisco Unified Intelligence Center12.5(2)ET_CSCwi79933affected
CiscoCisco Unified Intelligence Center12.6(2)_ETaffected
CiscoCisco Unified Intelligence Center12.6.2_CSCwn48501_ETaffected
CiscoCisco Unified Intelligence Center15.0(1)affected
CiscoCisco Unified Intelligence Center12.6.2_CSCwp61293_ETaffected
CiscoCisco Unified Intelligence Center12.6.2_CSCwp92614_ETaffected

Weaknesses

  • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References