Unified Contact Center Express@11.5(1)su1es03 Security Vulnerabilities and Issues — Unified Contact Center Express@11.5(1)su1es03 CVE List

Lucene search

CiscoUnified Contact Center Express11.5(1)su1es03

8 matches found

CVE•added 2025/05/21 5:15 p.m.•58 views

CVE-2025-20113

A vulnerability in Cisco Unified Intelligence Center could allow an authenticated, remote attacker to elevate privileges to Administrator for a limited set of functions on an affected system. This vulnerability is due to insufficient server-side validation of user-supplied parameters in API or HTTP...

7.1CVSS6.8AI score0.00071EPSS

CVE•added 2025/05/21 5:15 p.m.•47 views

CVE-2025-20114

A vulnerability in the API of Cisco Unified Intelligence Center could allow an authenticated, remote attacker to perform a horizontal privilege escalation attack on an affected system. This vulnerability is due to insufficient validation of user-supplied parameters in API requests. An attacker coul...

4.3CVSS5AI score0.00045EPSS

CVE•added 2025/06/04 5:15 p.m.•44 views

CVE-2025-20275

A vulnerability in the file opening process of Cisco Unified Contact Center Express (Unified CCX) Editor could allow an unauthenticated attacker to execute arbitrary code on an affected device. This vulnerability is due to insecure deserialization of Java objects by the affected software. An attack...

7.8CVSS5.9AI score0.00194EPSS

CVE•added 2025/06/04 5:15 p.m.•43 views

CVE-2025-20279

A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, remote attacker to conduct a stored XSS attack on an affected system. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to imprope...

4.8CVSS4.9AI score0.00039EPSS

CVE•added 2025/06/04 5:15 p.m.•42 views

CVE-2025-20277

A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, local attacker to execute arbitrary code on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to improper limi...

6.7CVSS4.9AI score0.00017EPSS

CVE•added 2025/06/04 5:15 p.m.•40 views

CVE-2025-20276

A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, remote attacker to execute arbitrary code on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to insecure des...

7.2CVSS7.9AI score0.00169EPSS

CVE•added 2025/07/16 5:15 p.m.•10 views

CVE-2025-20274

A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an authenticated, remote attacker to upload arbitrary files to an affected device. This vulnerability is due to improper validation of files that are uploaded to the web-based management interface...

8.8CVSS7.4AI score0.00252EPSS

CVE•added 2025/07/16 5:15 p.m.•6 views

CVE-2025-20288

A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a server-side request forgery (SSRF) attack through an affected device. This vulnerability is due to improper input validation for specific HTTP requ...

5.8CVSS6.8AI score0.00024EPSS