Cisco Unified Contact Center Express up to 12.5(1)_SU03_ES06 Web-based Management Interface cross site scripting

Summaryinfo

A vulnerability classified as problematic was found in Cisco Unified Contact Center Express. Affected is an unknown function of the component Web-based Management Interface. The manipulation results in cross site scripting. This vulnerability was named CVE-2025-20279. The attack may be performed from remote. There is no available exploit. Upgrading the affected component is advised.

Detailsinfo

A vulnerability, which was classified as problematic, was found in Cisco Unified Contact Center Express. Affected is an unknown function of the component Web-based Management Interface. The manipulation with an unknown input leads to a cross site scripting vulnerability. CWE is classifying the issue as CWE-79. The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. This is going to have an impact on integrity. CVE summarizes:

A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, remote attacker to conduct a stored XSS attack on an affected system. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to improper sanitization of user input to the web-based management interface. An attacker could exploit this vulnerability by submitting a malicious script through the interface. A successful exploit could allow the attacker to conduct a stored XSS attack on the affected system.

The advisory is available at sec.cloudapps.cisco.com. This vulnerability is traded as CVE-2025-20279 since 10/10/2024. The exploitability is told to be easy. It is possible to launch the attack remotely. Additional levels of successful authentication are necessary for exploitation. Successful exploitation requires user interaction by the victim. The technical details are unknown and an exploit is not available. This vulnerability is assigned to T1059.007 by the MITRE ATT&CK project.

Upgrading eliminates this vulnerability.

The vulnerability is also documented in the vulnerability database at EUVD (EUVD-2025-16885). If you want to get best quality of vulnerability data, you may have to visit VulDB.

Productinfo

Vendor

• Cisco

Name

• Unified Contact Center Express

Version

• 8.5(1)
• 9.0(2)SU3ES04
• 10.0(1)SU1
• 10.0(1)SU1ES04
• 10.5(1)
• 10.5(1)SU1
• 10.5(1)SU1ES10
• 10.6(1)
• 10.6(1)SU1
• 10.6(1)SU2
• 10.6(1)SU2ES04
• 10.6(1)SU3
• 10.6(1)SU3ES01
• 10.6(1)SU3ES02
• 10.6(1)SU3ES03
• 11.0(1)SU1
• 11.0(1)SU1ES02
• 11.0(1)SU1ES03
• 11.5(1)ES01
• 11.5(1)SU1
• 11.5(1)SU1ES01
• 11.5(1)SU1ES02
• 11.5(1)SU1ES03
• 11.6(1)
• 11.6(1)ES01
• 11.6(1)ES02
• 11.6(2)
• 11.6(2)ES01
• 11.6(2)ES02
• 11.6(2)ES03
• 11.6(2)ES04
• 11.6(2)ES05
• 11.6(2)ES06
• 11.6(2)ES07
• 11.6(2)ES08
• 12.0(1)
• 12.0(1)ES01
• 12.0(1)ES02
• 12.0(1)ES03
• 12.0(1)ES04
• 12.5(1)
• 12.5(1)ES01
• 12.5(1)ES02
• 12.5(1)ES03
• 12.5(1)SU1
• 12.5(1)SU2
• 12.5(1)SU3
• 12.5(1)_SU01_ES01
• 12.5(1)_SU01_ES02
• 12.5(1)_SU01_ES03
• 12.5(1)_SU02_ES01
• 12.5(1)_SU02_ES02
• 12.5(1)_SU02_ES03
• 12.5(1)_SU02_ES04
• 12.5(1)_SU03_ES01
• 12.5(1)_SU03_ES02
• 12.5(1)_SU03_ES03
• 12.5(1)_SU03_ES04
• 12.5(1)_SU03_ES05
• 12.5(1)_SU03_ES06

License

• commercial

Website

• Vendor: https://www.cisco.com/

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Discussion