HIGHVulnerability
Verified
Global

CISA KEV: Cisco Unified Communications Manager — Cisco Unified Communications Manager Server-Side Request Forgery (SSRF) Vulnerability

·Source: CISA KEV

Updated:

Executive Summary

Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) contain a server-side request forgery (SSRF) Vulnerability that could allow an unauthenticated, remote attacker to write files to the underlying operating system that could be used later to elevate to root.

Analysis

Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) contain a server-side request forgery (SSRF) Vulnerability that could allow an unauthenticated, remote attacker to write files to the underlying operating system that could be used later to elevate to root. Added to CISA Known Exploited Vulnerabilities catalog on 2026-06-25. Remediation due: 2026-06-28.

Indicators of Compromise (1)

CVE (1)
CVE-2026-20230
Source Attribution

Originally published by CISA KEV on Jun 25, 2026. Verified by: CISA.

Related Threats