CVE Details
Basic Information
| Title |
CVE-2025-20114 |
| Type |
cve |
| Published |
2025-05-21T17:15:55 |
| Last Seen |
2025-05-21T17:24:49 |
CVSS Information
| Base Score |
4.3 (MEDIUM) |
| Attack Vector |
NETWORK |
| Attack Complexity |
LOW |
| Privileges Required |
LOW |
| User Interaction |
NONE |
| Scope |
UNCHANGED |
| Confidentiality Impact |
LOW |
| Integrity Impact |
NONE |
| Availability Impact |
NONE |
AI Analysis
| AI Description |
|
| AI Severity |
|
| Vendor |
|
| Product |
|
| Affected Version |
|
Additional Information
| CVE List |
CVE-2025-20114 |
| CWE List |
CWE-639 |
| Bulletin Family |
cve |
Description
A vulnerability in the API of Cisco Unified Intelligence Center could allow an authenticated, remote attacker to perform a horizontal privilege escalation attack on an affected system.
This vulnerability is due to insufficient validation of user-supplied parameters in API requests. An attacker could exploit this vulnerability by submitting crafted API requests to an affected system to execute an insecure direct object reference attack. A successful exploit could allow the attacker to access specific data that is associated with different users on the affected system.
CVSS Score Summary
Base Score: %!f(string=#) (MEDIUM)
View Full CVE Details
