VulnerAlert



CISCO
JAVA
04-06-2025 21:05

CVE-2025-20276 Vulnerabilidad documentada

3.8 LOW
Tags
#java
#exploit
#web
#nifi
#admin
#cisco
#vulnerability
#affected
#authenticated
#arbitrary
#remote
#root
#privilege
#execute
#allow
#attack
#affect
Descripción
A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, remote attacker to execute arbitrary code on affected device. To exploit this vulnerability, must have valid administrative credentials.  This is due insecure deserialization Java objects by software. An sending a crafted object A successful underlying operating system device as low-privilege user. also undertake further actions elevate their privileges root.
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-uccx-multi-UhOTvPGL
Referencia
Link externo
Ver detalles

Fuente
https://nvd.nist.gov/vuln/detail/CVE-2025-20276
Resultados similares
Coincidentes en almenos en 50% de los tags
05-06-2025 CVE-2025-5680
A vulnerability classified as critical was found in Shenzhen Dashi Tongzhou Information Technol...
Ver información
05-06-2025 CVE-2020-8929
A mis-handling of invalid unicode characters in the Java implementation of Tink versions prior ...
Ver información
Icons made by Freepik from www.flaticon.com
Este Proyecto fue cofinanciado por el Consejo Nacional de Ciencia y Tecnología (CONACYT) a través del PROINNOVA 2021/2023
Proyecto realizado por