Hot: actively covered. 🔥 Hotsec.cloudapps.cisco.com

Cisco Unified Communications Manager Server-Side Request Forgery Vulnerability (opens in new tab)

Covered by 13 sources See all sources covering this story including BleepingComputer, The Register · 4 in the last 6h

A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to conduct server-side request forgery (SSRF) attacks through an affected device. This vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could a...

Read the original article
Sign in to keep reading the full article.
Sign UpLog In

Covered in 18 articles · 4 in the last 6h

BleepingComputer·

Cisco Unified CM flaw CVE-2026-20230 now exploited in attacks

Feeds
BleepingComputer·

Cisco warns of critical Unified CM flaw with PoC exploit code

Feeds
The Register·

Yet another Cisco SD-WAN 0-day under attack, and no patch in sight

Discussed on Hacker News
Feeds
View all 18 ›

Keyboard Shortcuts

Navigation

Next / previous post
j/k
Open post
oorEnter
Preview post
v

Post Actions

Love post
a
Like post
l
Dislike post
d
Undo reaction
u
Save / unsave
s

Recommendations

Add interest / feed
Enter
Not interested
x

Go to

Home
gh
Interests
gi
Feeds
gf
Likes
gl
History
gy
Changelog
gc
Settings
gs
Discover
gb
Search
/

General

Show this help
?
Submit feedback
!
Close modal / unfocus
Esc

Press ? anytime to show this help