Cisco Unified Contact Center Express up to UCCX 15.0.1 Editor Application missing authentication

Summaryinfo

A vulnerability was found in Cisco Unified Contact Center Express. It has been rated as critical. This affects an unknown part of the component Editor Application. The manipulation leads to missing authentication. This vulnerability is traded as CVE-2025-20358. It is possible to initiate the attack remotely. There is no exploit available. Upgrading the affected component is advised.

Detailsinfo

A vulnerability was found in Cisco Unified Contact Center Express. It has been rated as critical. This issue affects an unknown function of the component Editor Application. The manipulation with an unknown input leads to a missing authentication vulnerability. Using CWE to declare the problem leads to CWE-306. The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. Impacted is confidentiality, integrity, and availability. The summary by CVE is:

A vulnerability in the Contact Center Express (CCX) Editor application of Cisco Unified CCX could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative permissions pertaining to script creation and execution. This vulnerability is due to improper authentication mechanisms in the communication between the CCX Editor and an affected Unified CCX server. An attacker could exploit this vulnerability by redirecting the authentication flow to a malicious server and tricking the CCX Editor into believing the authentication was successful. A successful exploit could allow the attacker to create and execute arbitrary scripts on the underlying operating system of an affected Unified CCX server, as an internal non-root user account.

The advisory is shared at sec.cloudapps.cisco.com. The identification of this vulnerability is CVE-2025-20358 since 10/10/2024. The exploitation is known to be easy. The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. Neither technical details nor an exploit are publicly available. The price for an exploit might be around USD $0-$5k at the moment (estimation calculated on 11/08/2025).

Upgrading eliminates this vulnerability.

The vulnerability is also documented in the vulnerability database at EUVD (EUVD-2025-37891). Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Productinfo

Vendor

• Cisco

Name

• Unified Contact Center Express

Version

• 10.5(1)
• 10.5(1)SU1
• 10.5(1)SU1ES10
• 10.6(1)
• 10.6(1)SU1
• 10.6(1)SU2
• 10.6(1)SU2ES04
• 10.6(1)SU3
• 10.6(1)SU3ES01
• 10.6(1)SU3ES02
• 10.6(1)SU3ES03
• 11.0(1)SU1
• 11.0(1)SU1ES02
• 11.0(1)SU1ES03
• 11.5(1)ES01
• 11.5(1)SU1
• 11.5(1)SU1ES01
• 11.5(1)SU1ES02
• 11.5(1)SU1ES03
• 11.6(1)
• 11.6(1)ES01
• 11.6(1)ES02
• 11.6(2)
• 11.6(2)ES01
• 11.6(2)ES02
• 11.6(2)ES03
• 11.6(2)ES04
• 11.6(2)ES05
• 11.6(2)ES06
• 11.6(2)ES07
• 11.6(2)ES08
• 12.0(1)
• 12.0(1)ES01
• 12.0(1)ES02
• 12.0(1)ES03
• 12.0(1)ES04
• 12.5(1)
• 12.5(1)ES01
• 12.5(1)ES02
• 12.5(1)ES03
• 12.5(1)SU1
• 12.5(1)SU2
• 12.5(1)SU3
• 12.5(1)_SU01_ES01
• 12.5(1)_SU01_ES02
• 12.5(1)_SU01_ES03
• 12.5(1)_SU02_ES01
• 12.5(1)_SU02_ES02
• 12.5(1)_SU02_ES03
• 12.5(1)_SU02_ES04
• 12.5(1)_SU03_ES01
• 12.5(1)_SU03_ES02
• 12.5(1)_SU03_ES03
• 12.5(1)_SU03_ES04
• 12.5(1)_SU03_ES05
• 12.5(1)_SU03_ES06
• UCCX 15.0.1

License

• commercial

Website

• Vendor: https://www.cisco.com/

CPE 2.3info

• 🔒
• 🔒
• 🔒

CPE 2.2info

• 🔒
• 🔒
• 🔒

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Discussion