Kareem Mohamed

**Name of the Vulnerable Software and Affected Versions** Cisco Unified Intelligence Center (affected versions not specified) **Description** The issue is related to the implementation of the application programming interface in the Cisco Unified Intelligence Center reporting tool, which lacks protection of service data. This could allow a remote attacker to gain unauthorized access to the device. An authenticated, remote attacker may collect sensitive information or perform a server-side request forgery (SSRF) attack on an affected system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Unified Intelligence Center (affected versions not specified) **Description** The issue is related to multiple vulnerabilities in Cisco Unified Intelligence Center that could allow an authenticated, remote attacker to collect sensitive information or perform a server-side request forgery (SSRF) attack on an affected system. This is due to a lack of protection for service data, which can be exploited using a specially crafted HTTP request. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.