CVE-2025-20277 · CVSS 3.4 (LOW)

Cisco Unified Contact Center Express Path Traversal Vulnerability

Platform: cisco

Component: cisco-unified-contact-center-express

Fixed versions (one per affected release train; see the affected-software table below for the full mapping):

8.5.1, 9.0.1, 10.0.1, 10.5.1, 10.6.1, 11.0.1, 11.5.1, 11.6.1, 12.0.1, 12.5.1

AI Confidence: high · Source: NVD · EPSS 0.0% · Reviewed: May 2026

CVE-2025-20277 describes a Path Traversal vulnerability affecting Cisco Unified Contact Center Express. This flaw allows an authenticated, local attacker to potentially execute arbitrary code on the affected device. The vulnerability impacts versions 10.0(1)SU1 through 12.5(1)SU3. Cisco has advised users to upgrade to a patched version to remediate this issue.

Impact and attack scenarios

Successful exploitation of CVE-2025-20277 could grant an attacker complete control over the Cisco Unified CCX device. This includes the ability to modify system configurations, steal sensitive data (call recordings, user credentials), and potentially pivot to other systems on the network. The requirement for administrative credentials limits the initial attack vector, but once gained, the impact is significant. The attack requires a crafted web request followed by a specific command via SSH, suggesting a degree of technical sophistication is needed, but the potential for remote code execution makes this a serious concern.

Exploitation context

CVE-2025-20277 was publicly disclosed on June 4, 2025. The CVSS score of 3.4 (LOW) indicates a relatively low probability of exploitation, but the potential impact warrants attention. There are currently no publicly available proof-of-concept exploits, but the path traversal nature of the vulnerability makes it likely that one will emerge. This vulnerability is not currently listed on the CISA KEV catalog.

Who is at risk

Organizations heavily reliant on Cisco Unified Contact Center Express for their contact center operations are at significant risk. This includes businesses with legacy deployments of older, unpatched versions (10.0(1)SU1–12.5(1)SU3) and those with limited resources for timely patching. Shared hosting environments where multiple tenants share a single CCX instance are also particularly vulnerable.

Detection steps

The commands below are generic keyword searches; a hit only shows that the string "path traversal" appears in a log or configuration, and a miss does not show that a system is patched. The reliable check for this CVE is to compare the installed Unified CCX version against the affected-software table below.

• linux / server:

journalctl -u ccx | grep -i "path traversal"

• cisco / server:

show running-config | grep -i "path traversal"

• generic web (replace <CCX_IP> and <vulnerable_endpoint> with your own values):

curl -I <CCX_IP>/<vulnerable_endpoint> | grep -i "path traversal"

Attack timeline

  1. Disclosure

Threat intelligence

Exploitation status

Proof of concept: unknown
CISA KEV: no
Internet exposure: (not stated)

EPSS

0.04% (12th percentile)

CISA SSVC

Exploitation: none
Automatable: no
Technical impact: total

CVSS vector

Threat intelligence · CVSS 3.1
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
Base score: 3.4 (LOW)
Attack Vector: Local (how the attacker reaches the target)
Attack Complexity: Low (conditions required to exploit the flaw)
Privileges Required: High (authentication level the attack needs)
User Interaction: None (whether the victim must take an action)
Scope: Unchanged (impact beyond the affected component)
Confidentiality: Low (risk of sensitive data disclosure)
Integrity: Low (risk of unauthorized data modification)
Availability: None (risk of service disruption)
Source: nextguardhq.com · CVSS v3.1 base score

What do these metrics mean?
Attack Vector
Local: the attacker needs a local session or shell on the system.
Attack Complexity
Low: no special conditions are required; the flaw can be exploited reliably.
Privileges Required
High: an administrator or otherwise privileged account is required.
User Interaction
None: the attack is automatic and silent; the victim does not need to do anything.
Scope
Unchanged: the impact is confined to the vulnerable component itself.
Confidentiality
Low: some data can be accessed.
Integrity
Low: the attacker can modify some data, with limited impact.
Availability
None: no impact on availability.

Affected software

Component: cisco-unified-contact-center-express
Vendor: Cisco

Affected range | Fixed version
10.6(1) – 10.6(1) | 10.6.1
10.5(1)SU1 – 10.5(1)SU1 | 10.5.1
10.6(1)SU3 – 10.6(1)SU3 | 10.6.1
12.0(1) – 12.0(1) | 12.0.1
10.0(1)SU1 – 10.0(1)SU1 | 10.0.1
10.6(1)SU1 – 10.6(1)SU1 | 10.6.1
11.0(1)SU1 – 11.0(1)SU1 | 11.0.1
11.5(1)SU1 – 11.5(1)SU1 | 11.5.1
10.5(1) – 10.5(1) | 10.5.1
11.6(1) – 11.6(1) | 11.6.1
11.6(2) – 11.6(2) | 11.6.1
12.5(1) – 12.5(1) | 12.5.1
12.5(1)SU1 – 12.5(1)SU1 | 12.5.1
12.5(1)SU2 – 12.5(1)SU2 | 12.5.1
12.5(1)SU3 – 12.5(1)SU3 | 12.5.1
12.5(1)_SU03_ES01 – 12.5(1)_SU03_ES01 | 12.5.1
12.5(1)_SU03_ES02 – 12.5(1)_SU03_ES02 | 12.5.1
12.5(1)_SU02_ES03 – 12.5(1)_SU02_ES03 | 12.5.1
12.5(1)_SU02_ES04 – 12.5(1)_SU02_ES04 | 12.5.1
12.5(1)_SU02_ES02 – 12.5(1)_SU02_ES02 | 12.5.1
12.5(1)_SU01_ES02 – 12.5(1)_SU01_ES02 | 12.5.1
12.5(1)_SU01_ES03 – 12.5(1)_SU01_ES03 | 12.5.1
12.5(1)_SU02_ES01 – 12.5(1)_SU02_ES01 | 12.5.1
11.6(2)ES07 – 11.6(2)ES07 | 11.6.1
11.6(2)ES08 – 11.6(2)ES08 | 11.6.1
12.5(1)_SU01_ES01 – 12.5(1)_SU01_ES01 | 12.5.1
12.0(1)ES04 – 12.0(1)ES04 | 12.0.1
12.5(1)ES02 – 12.5(1)ES02 | 12.5.1
12.5(1)ES03 – 12.5(1)ES03 | 12.5.1
11.6(2)ES06 – 11.6(2)ES06 | 11.6.1
12.5(1)ES01 – 12.5(1)ES01 | 12.5.1
12.0(1)ES03 – 12.0(1)ES03 | 12.0.1
12.0(1)ES01 – 12.0(1)ES01 | 12.0.1
11.6(2)ES05 – 11.6(2)ES05 | 11.6.1
12.0(1)ES02 – 12.0(1)ES02 | 12.0.1
11.6(2)ES04 – 11.6(2)ES04 | 11.6.1
11.6(2)ES03 – 11.6(2)ES03 | 11.6.1
11.6(2)ES02 – 11.6(2)ES02 | 11.6.1
11.6(2)ES01 – 11.6(2)ES01 | 11.6.1
10.6(1)SU3ES03 – 10.6(1)SU3ES03 | 10.6.1
11.0(1)SU1ES03 – 11.0(1)SU1ES03 | 11.0.1
10.6(1)SU3ES01 – 10.6(1)SU3ES01 | 10.6.1
10.5(1)SU1ES10 – 10.5(1)SU1ES10 | 10.5.1
10.0(1)SU1ES04 – 10.0(1)SU1ES04 | 10.0.1
11.5(1)SU1ES03 – 11.5(1)SU1ES03 | 11.5.1
11.6(1)ES02 – 11.6(1)ES02 | 11.6.1
11.5(1)ES01 – 11.5(1)ES01 | 11.5.1
9.0(2)SU3ES04 – 9.0(2)SU3ES04 | 9.0.1
10.6(1)SU2 – 10.6(1)SU2 | 10.6.1
10.6(1)SU2ES04 – 10.6(1)SU2ES04 | 10.6.1
11.6(1)ES01 – 11.6(1)ES01 | 11.6.1
10.6(1)SU3ES02 – 10.6(1)SU3ES02 | 10.6.1
11.5(1)SU1ES02 – 11.5(1)SU1ES02 | 11.5.1
11.5(1)SU1ES01 – 11.5(1)SU1ES01 | 11.5.1
8.5(1) – 8.5(1) | 8.5.1
11.0(1)SU1ES02 – 11.0(1)SU1ES02 | 11.0.1
12.5(1)_SU03_ES03 – 12.5(1)_SU03_ES03 | 12.5.1
12.5(1)_SU03_ES04 – 12.5(1)_SU03_ES04 | 12.5.1
12.5(1)_SU03_ES05 – 12.5(1)_SU03_ES05 | 12.5.1
12.5(1)_SU03_ES06 – 12.5(1)_SU03_ES06 | 12.5.1

Weakness classification (CWE)

Timeline

  1. Reserved
  2. Published
  3. Modified
  4. EPSS updated
Unpatched: 354 days since disclosure

Mitigations and workarounds

The primary mitigation for CVE-2025-20277 is to upgrade to a patched version of Cisco Unified Contact Center Express (the fixed version for each affected release is listed in the affected-software table above). If an immediate upgrade is not possible, restrict access to the web-based management interface to trusted administrators only. Enforce strong authentication, including multi-factor authentication, to prevent unauthorized access to those administrative accounts. Consider placing a web application firewall (WAF) in front of the management interface to filter suspicious requests to the vulnerable endpoint. Monitor system logs for suspicious activity, particularly SSH login attempts and unusual web requests to the management interface.

Remediation

Update Cisco Unified Contact Center Express to a version that is not affected by this vulnerability. Refer to the Cisco Security Advisory for further details and the list of fixed releases.


Frequently asked questions

What is CVE-2025-20277 — Path Traversal in Cisco Unified CCX?

CVE-2025-20277 is a vulnerability in Cisco Unified Contact Center Express allowing authenticated local attackers to execute code via a path traversal flaw. It affects versions 10.0(1)SU1–12.5(1)SU3.

Am I affected by CVE-2025-20277 in Cisco Unified CCX?

If you are using Cisco Unified Contact Center Express versions 10.0(1)SU1 through 12.5(1)SU3, you are potentially affected by this vulnerability. Check your current version and upgrade if necessary.

How do I fix CVE-2025-20277 in Cisco Unified CCX?

The recommended fix is to upgrade to a patched version of Cisco Unified Contact Center Express as soon as it becomes available. Until then, restrict access and monitor logs.

Is CVE-2025-20277 being actively exploited?

As of June 4, 2025, there are no confirmed reports of active exploitation, but the vulnerability's nature suggests potential for future exploitation.

Where can I find the official Cisco advisory for CVE-2025-20277?

Please refer to the official Cisco Security Advisory for CVE-2025-20277 on the Cisco website (search for the CVE ID on Cisco.com).
