CVE-2026-20081

Medienbericht

EPSS 0.04%
Veröffentlicht 15.04.2026 16:03:23
Zuletzt bearbeitet 28.04.2026 16:13:29
Quelle psirt@cisco.com
CVE-Watchlists
Login
Unerledigt
Login

Cisco Unity Connection Arbitrary File Download Vulnerability

Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials. 

These vulnerabilities are due to improper sanitization of user input to the web-based management interface. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request. A successful exploit could allow the attacker to download arbitrary files from an affected system.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 5

NVD 12 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ Unity Connection Version <= 12.5

Cisco ≫ Unity Connection Version14.0

Cisco ≫ Unity Connection Version14su1

Cisco ≫ Unity Connection Version14su2

Cisco ≫ Unity Connection Version14su3

Cisco ≫ Unity Connection Version14su3a

Cisco ≫ Unity Connection Version14su4

Cisco ≫ Unity Connection Version14su5

Cisco ≫ Unity Connection Version15.0

Cisco ≫ Unity Connection Version15su1

Cisco ≫ Unity Connection Version15su2

Cisco ≫ Unity Connection Version15su3

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.115

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
psirt@cisco.com	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE-23 Relative Path Traversal

The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory.

https://www.heise.de/news/Cisco-Kritische-Codeschmuggel-Luecken-in-ISE-und-mehr-geschlossen-11259815.html

Media Report

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-unity-file-download-RmKEVWPx

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2026-20081

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-20081

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-20081

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-20081