VYPR
Medium severity4.3NVD Advisory· Published Nov 5, 2025· Updated Apr 15, 2026

CVE-2025-20377

CVE-2025-20377

Description

A vulnerability in the API subsystem of Cisco Unified Intelligence Center could allow an authenticated, remote attacker to obtain sensitive information from an affected system.

This vulnerability is due to improper validation of requests to certain API endpoints. An attacker could exploit this vulnerability by sending a valid request to a specific API endpoint within the affected system. A successful exploit could allow a low-privileged user to view sensitive information on the affected system that should be restricted. To exploit this vulnerability, the attacker must have valid user credentials on the affected system.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.