Vulnslist

find the latest Cisco vulnerabilities

Multiple Cisco Contact Center Products Vulnerabilities

cisco-sa-cc-mult-vuln-gK4TFXSn · Medium · Published · Updated

Multiple vulnerabilities in Cisco Unified Contact Center Express (Unified CCX), Cisco Unified Contact Center Enterprise (Unified CCE), Cisco Packaged Contact Center Enterprise (Packaged CCE), and Cisco Unified Intelligence Center (CUIC) could allow an authenticated, remote attacker to disclose sensitive information, download arbitrary files, execute arbitrary commands, and elevate privileges to root. To exploit these vulnerabilities, the attacker must have valid credentials. For more information about these vulnerabilities, see the Details section of this advisory. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cc-mult-vuln-gK4TFXSn

Cisco advisory ·CSAF JSON

Workarounds

There are no workarounds that address these vulnerabilities.

CVEsCVE-2025-20374, CVE-2025-20375, CVE-2025-20376, CVE-2025-20377
Cisco Bug IDsCSCwq53352, CSCwq36646, CSCwq36645, CSCwq36567, CSCwq36596
CVSS ScoreBase 4.3
Base 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:X/RL:X/RC:X
Base 6.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:X/RL:X/RC:X
Base 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:X/RL:X/RC:X
Product Names From Source
Cisco Unified Contact Center Enterprise, Cisco Unified Contact Center Express, Cisco Packaged Contact Center Enterprise

Related Products

Product CVE Evidence