CVE Details
Basic Information
| Title |
CVE-2025-20113 |
| Type |
cve |
| Published |
2025-05-21T17:15:55 |
| Last Seen |
2025-05-21T17:24:50 |
CVSS Information
| Base Score |
7.1 (HIGH) |
| Attack Vector |
NETWORK |
| Attack Complexity |
LOW |
| Privileges Required |
LOW |
| User Interaction |
NONE |
| Scope |
UNCHANGED |
| Confidentiality Impact |
HIGH |
| Integrity Impact |
LOW |
| Availability Impact |
NONE |
AI Analysis
| AI Description |
A vulnerability in Cisco Unified Intelligence Center allows authenticated attackers to elevate privileges, potentially accessing or modifying sensitive data due to insufficient server-side validation. |
| AI Severity |
High |
| Vendor |
Cisco |
| Product |
Cisco Unified Intelligence Center |
| Affected Version |
Versions not specified in the data |
Additional Information
| CVE List |
CVE-2025-20113 |
| CWE List |
CWE-602 |
| Bulletin Family |
cve |
Description
A vulnerability in Cisco Unified Intelligence Center could allow an authenticated, remote attacker to elevate privileges to Administrator for a limited set of functions on an affected system.
This vulnerability is due to insufficient server-side validation of user-supplied parameters in API or HTTP requests. An attacker could exploit this vulnerability by submitting a crafted API or HTTP request to an affected system. A successful exploit could allow the attacker to access, modify, or delete data beyond the sphere of their intended access level, including obtaining potentially sensitive information stored in the system.
CVSS Score Summary
Base Score: %!f(string=#) (HIGH)
View Full CVE Details
