How severe is CVE-2025-20113?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.1 out of 10.

What type of vulnerability is CVE-2025-20113?

This is classified as CWE-602, which is a common weakness in software security.

CVE-2025-20113

HIGH Year: 2025

CVSS v3 Score

7.1

High

Weakness Type

CWE-602

View all →

Vulnerability Description

A vulnerability in Cisco Unified Intelligence Center could allow an authenticated, remote attacker to elevate privileges to Administrator for a limited set of functions on an affected system. This vulnerability is due to insufficient server-side validation of user-supplied parameters in API or HTTP requests. An attacker could exploit this vulnerability by submitting a crafted API or HTTP request to an affected system. A successful exploit could allow the attacker to access, modify, or delete data beyond the sphere of their intended access level, including obtaining potentially sensitive information stored in the system.

CVE-2022-3308

HIGH

CVSS:7.4(High)

Insufficient policy enforcement in developer tools in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security...

CWE-6022022

CVE-2020-8162

HIGH

CVSS:7.5(High)

A client side enforcement of server side security vulnerability exists in rails < 5.2.4.2 and rails < 6.0.3.1 ActiveStorage's S3 adapter that allows the Content-Length of a direct file upload to be mo...

CWE-6022020

CVE-2020-27268

MEDIUM

CVSS:6.5(Medium)

In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, a client-side control vulnerability in the insulin pump and its AnyDana-i and AnyDana-A mobile applications allows physically prox...

CWE-6022020

CVE-2022-3047

MEDIUM

CVSS:6.5(Medium)

Insufficient policy enforcement in Extensions API in Google Chrome prior to 105.0.5195.52 allowed an attacker who convinced a user to install a malicious extension to bypass downloads policy via a cra...

CWE-6022022

CVE-2022-3310

MEDIUM

CVSS:6.5(Medium)

Insufficient policy enforcement in custom tabs in Google Chrome on Android prior to 106.0.5249.62 allowed an attacker who convinced the user to install an application to bypass same origin policy via ...

CWE-6022022

CVE-2023-0704

MEDIUM

CVSS:6.5(Medium)

Insufficient policy enforcement in DevTools in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to bypass same origin policy and proxy settings via a crafted HTML page. (Chromium securit...

CWE-6022023

CVE-2025-20113

Vulnerability Description

Related Vulnerabilities

CVE-2022-3308

CVE-2020-8162

CVE-2020-27268

CVE-2022-3047

CVE-2022-3310

CVE-2023-0704