Unified Intelligence Center@11.5(1) Security Vulnerabilities and Issues — Unified Intelligence Center@11.5(1) CVE List

Lucene search

CiscoUnified Intelligence Center11.5(1)

7 matches found

CVE•added 2025/05/21 5:15 p.m.•58 views

CVE-2025-20113

A vulnerability in Cisco Unified Intelligence Center could allow an authenticated, remote attacker to elevate privileges to Administrator for a limited set of functions on an affected system. This vulnerability is due to insufficient server-side validation of user-supplied parameters in API or HTTP...

7.1CVSS6.8AI score0.00071EPSS

CVE•added 2017/09/21 5:29 a.m.•56 views

CVE-2017-12248

A vulnerability in the web framework code of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is due to insufficient input validation...

6.1CVSS6AI score0.00232EPSS

CVE•added 2017/09/21 5:29 a.m.•54 views

CVE-2017-12254

A vulnerability in the web interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to perform a Document Object Model (DOM)-based cross-site scripting attack. The vulnerability is due to insufficient input validation of some parameters passed to the web server...

6.1CVSS6.4AI score0.00319EPSS

CVE•added 2025/05/21 5:15 p.m.•47 views

CVE-2025-20114

A vulnerability in the API of Cisco Unified Intelligence Center could allow an authenticated, remote attacker to perform a horizontal privilege escalation attack on an affected system. This vulnerability is due to insufficient validation of user-supplied parameters in API requests. An attacker coul...

4.3CVSS5AI score0.00045EPSS

CVE•added 2017/09/21 5:29 a.m.•40 views

CVE-2017-12253

A vulnerability in the Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to execute unwanted actions. The vulnerability is due to a lack of cross-site request forgery (CSRF) protection. An attacker could exploit this vulnerability by tricking the user of a web applic...

8.8CVSS8.8AI score0.00329EPSS

CVE•added 2025/07/16 5:15 p.m.•10 views

CVE-2025-20274

A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an authenticated, remote attacker to upload arbitrary files to an affected device. This vulnerability is due to improper validation of files that are uploaded to the web-based management interface...

8.8CVSS7.4AI score0.00252EPSS

CVE•added 2025/07/16 5:15 p.m.•6 views

CVE-2025-20288

A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a server-side request forgery (SSRF) attack through an affected device. This vulnerability is due to improper input validation for specific HTTP requ...

5.8CVSS6.8AI score0.00024EPSS