CVE-2025-20114

Name of the Vulnerable Software and Affected Versions Cisco Unified Intelligence Center (affected versions not specified)

Description The issue is due to insufficient validation of user-supplied parameters in API requests, allowing an authenticated, remote attacker to perform a horizontal privilege escalation attack. An attacker could exploit this by submitting crafted API requests to execute an insecure direct object reference attack, potentially accessing specific data associated with different users on the affected system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.