Cisco Unified Intelligence Center Server-Side Request Forgery Vulnerability

Vulnerability

A server-side request forgery (SSRF) vulnerability has been identified in the web-based management interface of Cisco Unified Intelligence Center. This vulnerability allows an unauthenticated, remote attacker to send arbitrary network requests from the affected device. The issue arises from improper input validation of certain HTTP requests.

Impact

Exploitation of this vulnerability could enable an attacker to conduct SSRF attacks, potentially allowing access to internal services or resources that are not normally exposed to external networks.

Remediation

Cisco has released software updates to address this vulnerability. For Cisco Unified Intelligence Center, users can upgrade to version 12.5(1) SU ES05 or 12.6(2) ES05. For Cisco Unified Contact Center Express, users should migrate to a fixed release. Consult the Cisco Product Security Incident Response Team (PSIRT) for guidance on the upgrade process.

Added: Jul 16, 2025, 5:38 PM
Updated: Jul 16, 2025, 5:38 PM

Vulnerability Rating

Custom Algorithm

spread: 2.6
impact: 0.6
exploitability: 7.0
remediation: 7.7
relevance: 0.2
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.