Cisco Unified Communications Manager is a call processing component of Ciscoβs Unified Communications System. Unified Communications Manager Session Management Edition is the session management version of Unified Communications Manager. An arbitrary file read vulnerability exists in Unified CM and Unified CM SME, which stems from a Web-based management interface that does not properly validate user-supplied input and could be exploited to access sensitive files on the underlying operating system.