CVE-2025-20288

Severity: Medium (CVSS 3.1 base score 5.3) · EPSS 24.1%
Published Jul 16, 2025 · Last Modified Jun 17, 2026

Description

A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a server-side request forgery (SSRF) attack through an affected device. This vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to send arbitrary network requests that are sourced from the affected device.

CVSS Details

Base Score: 5.3
Exploitability: 3.9
Impact: 1.4
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: Low
Availability: None

Threat Intelligence

EPSS Exploit Probability: 24.1% percentile
Exploit & Patch Status: No Known Exploit; No Patch Available

Weaknesses 1

CWE-918 Server-Side Request Forgery (SSRF) Validation

Affected Products 69

Vendor | Product | Version | Range
cisco | unified_intelligence_center | 10.5\(1\) | any
cisco | unified_intelligence_center | 11.0\(1\) | any
cisco | unified_intelligence_center | 11.0\(2\) | any
cisco | unified_intelligence_center | 11.0\(3\) | any
cisco | unified_intelligence_center | 11.5\(1\) | any
cisco | unified_intelligence_center | 11.6\(1\) | any
cisco | unified_intelligence_center | 12.0\(1\) | any
cisco | unified_intelligence_center | 12.5\(1\) | any
cisco | unified_intelligence_center | 12.5\(1\)su | any
cisco | unified_intelligence_center | 12.6\(1\) | any
cisco | unified_intelligence_center | 12.6\(1\)_es05_et | any
cisco | unified_intelligence_center | 12.6\(1\)_et | any
cisco | unified_intelligence_center | 12.6\(2\) | any
cisco | unified_contact_center_express | 10.5\(1\) | any
cisco | unified_contact_center_express | 10.5\(1\)su1 | any
cisco | unified_contact_center_express | 10.5\(1\)su1es10 | any
cisco | unified_contact_center_express | 10.6\(1\) | any
cisco | unified_contact_center_express | 10.6\(1\)su1 | any
cisco | unified_contact_center_express | 10.6\(1\)su2 | any
cisco | unified_contact_center_express | 10.6\(1\)su2es04 | any
cisco | unified_contact_center_express | 10.6\(1\)su3 | any
cisco | unified_contact_center_express | 10.6\(1\)su3es01 | any
cisco | unified_contact_center_express | 10.6\(1\)su3es02 | any
cisco | unified_contact_center_express | 10.6\(1\)su3es03 | any
cisco | unified_contact_center_express | 11.0\(1\)su1 | any
cisco | unified_contact_center_express | 11.0\(1\)su1es02 | any
cisco | unified_contact_center_express | 11.0\(1\)su1es03 | any
cisco | unified_contact_center_express | 11.5\(1\)es01 | any
cisco | unified_contact_center_express | 11.5\(1\)su1 | any
cisco | unified_contact_center_express | 11.5\(1\)su1es01 | any
cisco | unified_contact_center_express | 11.5\(1\)su1es02 | any
cisco | unified_contact_center_express | 11.5\(1\)su1es03 | any
cisco | unified_contact_center_express | 11.6\(1\) | any
cisco | unified_contact_center_express | 11.6\(1\)es01 | any
cisco | unified_contact_center_express | 11.6\(1\)es02 | any
cisco | unified_contact_center_express | 11.6\(2\) | any
cisco | unified_contact_center_express | 11.6\(2\)es01 | any
cisco | unified_contact_center_express | 11.6\(2\)es02 | any
cisco | unified_contact_center_express | 11.6\(2\)es03 | any
cisco | unified_contact_center_express | 11.6\(2\)es04 | any
cisco | unified_contact_center_express | 11.6\(2\)es05 | any
cisco | unified_contact_center_express | 11.6\(2\)es06 | any
cisco | unified_contact_center_express | 11.6\(2\)es07 | any
cisco | unified_contact_center_express | 11.6\(2\)es08 | any
cisco | unified_contact_center_express | 12.0\(1\) | any
cisco | unified_contact_center_express | 12.0\(1\)es01 | any
cisco | unified_contact_center_express | 12.0\(1\)es02 | any
cisco | unified_contact_center_express | 12.0\(1\)es03 | any
cisco | unified_contact_center_express | 12.0\(1\)es04 | any
cisco | unified_contact_center_express | 12.5\(1\) | any
cisco | unified_contact_center_express | 12.5\(1\)_su01_es01 | any
cisco | unified_contact_center_express | 12.5\(1\)_su01_es02 | any
cisco | unified_contact_center_express | 12.5\(1\)_su01_es03 | any
cisco | unified_contact_center_express | 12.5\(1\)_su02_es01 | any
cisco | unified_contact_center_express | 12.5\(1\)_su02_es02 | any
cisco | unified_contact_center_express | 12.5\(1\)_su02_es03 | any
cisco | unified_contact_center_express | 12.5\(1\)_su02_es04 | any
cisco | unified_contact_center_express | 12.5\(1\)_su03_es01 | any
cisco | unified_contact_center_express | 12.5\(1\)_su03_es02 | any
cisco | unified_contact_center_express | 12.5\(1\)_su03_es03 | any
cisco | unified_contact_center_express | 12.5\(1\)_su03_es04 | any
cisco | unified_contact_center_express | 12.5\(1\)_su03_es05 | any
cisco | unified_contact_center_express | 12.5\(1\)_su03_es06 | any
cisco | unified_contact_center_express | 12.5\(1\)es01 | any
cisco | unified_contact_center_express | 12.5\(1\)es02 | any
cisco | unified_contact_center_express | 12.5\(1\)es03 | any
cisco | unified_contact_center_express | 12.5\(1\)su1 | any
cisco | unified_contact_center_express | 12.5\(1\)su2 | any
cisco | unified_contact_center_express | 12.5\(1\)su3 | any

References 1

  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cuis-ssrf-JSuDjeV (Vendor Advisory)

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.