Cisco Unified Intell. Center SSRF & Info Disclosure (CVE-2023-20061)
CVE-2023-20061 Published on March 3, 2023
Cisco Unified Intelligence Center Vulnerabilities
Multiple vulnerabilities in Cisco Unified Intelligence Center could allow an authenticated, remote attacker to collect sensitive information or perform a server-side request forgery (SSRF) attack on an affected system. Cisco plans to release software updates that address these vulnerabilities.
Vulnerability Analysis
CVE-2023-20061 can be exploited with network access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Weakness Type
What is an Information Disclosure Vulnerability?
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
CVE-2023-20061 has been classified to as an Information Disclosure vulnerability or weakness.
Products Associated with CVE-2023-20061
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2023-20061 are published in these products:
Affected Versions
Cisco Unified Intelligence Center Version n/a is affected by CVE-2023-20061Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.