CVE-2025-20374

Name of the Vulnerable Software and Affected Versions Cisco Unified CCX (affected versions not specified)

Description A flaw exists in the web UI of Cisco Unified CCX that may allow a remote attacker with administrative privileges to perform a directory traversal and access arbitrary resources. This is caused by inadequate input validation within specific UI features. An attacker could exploit this by sending a specially crafted request to the web UI, potentially gaining read access to files on the operating system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.