CVE-2025-20288 – Cisco Unified Intelligence Center SSRF Vulnerability

CVE ID : CVE-2025-20288

Published : July 16, 2025, 5:15 p.m. | 1 hour, 20 minutes ago

Description : A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a server-side request forgery (SSRF) attack through an affected device.

This vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to send arbitrary network requests that are sourced from the affected device.

Severity: 5.8 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…