17 matches found
Exploit for CVE-2026-20230
CVE-2026-20230 Scanner A Python-based scanner and validation...
CVE-2026-20230
A vulnerability in Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, remote attacker to conduct server-side request forgery SSRF attacks through an affected device. This vulnerability ...
Cisco Unified Communications Manager (CUCM) 14.x < 14SU6 / 15.x < 15SU5 SSRF (cisco-sa-cucm-ssrf-cXPnHcW)
According to its self-reported version, Cisco Unified Communications Manager is affected by a server-side request forgery SSRF vulnerability. - A vulnerability in Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME cou...
Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public
Cisco has patched a bug in Unified Communications Manager that lets an unauthenticated attacker on the network write files to the box and, from there, climb to root. It is tracked as CVE-2026-20230, and proof-of-concept exploit code is already public. Cisco's PSIRT says it has not seen the flaw...
Lack of transparency in Cisco Unified Communications Manager
Cisco has identified a vulnerability in Unified Communications Manager CM and Unified Communications Manager Session Management Edition CM SME. A malicious individual could exploit this vulnerability to carry out a Server-Side Request Forgery SSRF attack. Successful exploitation could result in t...
CVE-2026-20230
A vulnerability in Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, remote attacker to conduct server-side request forgery SSRF attacks through an affected device. This vulnerability ...
CVE-2026-20230
A vulnerability in Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, remote attacker to conduct server-side request forgery SSRF attacks through an affected device. This vulnerability ...
EUVD-2026-34137
A vulnerability in Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, remote attacker to conduct server-side request forgery SSRF attacks through an affected device. This vulnerability ...
CVE-2026-20230
A vulnerability in Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, remote attacker to conduct server-side request forgery SSRF attacks through an affected device. This vulnerability ...
CVE-2026-20230
A vulnerability in Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, remote attacker to conduct server-side request forgery SSRF attacks through an affected device. This vulnerability ...
CVE-2026-20230
CVE-2026-20230 affects Cisco Unified Communications Manager (CUCM) and Unified CM SME. The issue is due to improper input validation in specific HTTP requests, enabling an unauthenticated attacker to perform server-side request forgery (SSRF) and, if exploited, write files on the OS that could be...
Cisco Unified Communications Manager Server-Side Request Forgery Vulnerability
A vulnerability in Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, remote attacker to conduct server-side request forgery SSRF attacks through an affected device. This vulnerability ...
PT-2026-45987
Name of the Vulnerable Software and Affected Versions Cisco Unified Communications Manager affected versions not specified Cisco Unified Communications Manager Session Management Edition affected versions not specified Description An issue in the WebDialer service of Cisco Unified Communications...
CVE-2013-3450
Cross-site request forgery CSRF vulnerability in the User WebDialer page in Cisco Unified Communications Manager Unified CM allows remote attackers to hijack the authentication of arbitrary users for requests that dial calls, aka Bug ID CSCui13028...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the User WebDialer page in Cisco Unified Communications Manager Unified CM allows remote attackers to hijack the authentication of arbitrary users for requests that dial calls, aka Bug ID CSCui13028...
CVE-2013-3450
Cisco Unified Communications Manager's User WebDialer is affected by CVE-2013-3450, a CSRF vulnerability caused by insufficient CSRF protections. An unauthenticated, remote attacker could exploit this to hijack a user’s authenticated session and initiate dialed calls on behalf of the affected use...
Cisco Unified Communications Manager User Web Dialer Cross-Site Request Forgery Vulnerability
A vulnerability in the User WebDialer page of Cisco Unified Communications Manager Unified CM could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack. The vulnerability is due to insufficient CSRF protections. An attacker could exploit this vulnerabilit...