Cisco

Unity Connection

55 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2026-20034

Medienbericht
  • EPSS 0.45%
  • Veröffentlicht 06.05.2026 16:16:05
  • Zuletzt bearbeitet 06.05.2026 18:59:53

A vulnerability in the web-based management interface of Cisco Unity Connection could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to insufficient validation of user-supplied in...

7.2

CVE-2026-20035

Medienbericht
  • EPSS 0.02%
  • Veröffentlicht 06.05.2026 16:15:57
  • Zuletzt bearbeitet 06.05.2026 18:59:53

A vulnerability in the web UI of Cisco Unity Connection Web Inbox could allow an unauthenticated, remote attacker to conduct SSRF attacks through an affected device. This vulnerability is due to improper input validation for specific HTTP requests...

6.1

CVE-2026-20059

Medienbericht
  • EPSS 0.04%
  • Veröffentlicht 15.04.2026 16:11:22
  • Zuletzt bearbeitet 28.04.2026 16:31:07

A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a reflected XSS attack against a user of the interface. This vulnerability exists because the web-based mana...

6.5

CVE-2026-20061

Medienbericht
  • EPSS 0.02%
  • Veröffentlicht 15.04.2026 16:11:20
  • Zuletzt bearbeitet 28.04.2026 16:30:48

A vulnerability in the web-based management interface of Cisco Unity Connection could allow an authenticated, remote attacker to perform an SQL injection attack against an affected device. To exploit this vulnerability, the attacker must have valid u...

4.7

CVE-2026-20060

Medienbericht
  • EPSS 0.03%
  • Veröffentlicht 15.04.2026 16:11:20
  • Zuletzt bearbeitet 28.04.2026 16:30:29

A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of HTTP request para...

6.5

CVE-2026-20081

Medienbericht
  • EPSS 0.04%
  • Veröffentlicht 15.04.2026 16:03:23
  • Zuletzt bearbeitet 28.04.2026 16:13:29

Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials.&nbsp...

6.5

CVE-2026-20078

Medienbericht
  • EPSS 0.04%
  • Veröffentlicht 15.04.2026 16:03:16
  • Zuletzt bearbeitet 28.04.2026 16:14:03

Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials.&nbsp...

9.8

CVE-2026-20045

Warnung Medienbericht
  • EPSS 4.1%
  • Veröffentlicht 21.01.2026 16:26:20
  • Zuletzt bearbeitet 13.02.2026 21:37:06

A vulnerability in Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), Cisco Unity ...

6.7

CVE-2025-20278

  • EPSS 0.05%
  • Veröffentlicht 04.06.2025 16:18:20
  • Zuletzt bearbeitet 31.07.2025 15:02:05

A vulnerability in the CLI of multiple Cisco Unified Communications products could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user. This vulnerability i...

5.1

CVE-2025-20112

  • EPSS 0.07%
  • Veröffentlicht 21.05.2025 16:19:24
  • Zuletzt bearbeitet 15.04.2026 00:35:42

A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to excessive permissions tha...