Cisco Unified Communications Manager Server-Side Request Forgery Vulnerability — CISCO-SA-CUCM-SSRF-CXPNHCW
Cisco · Cisco · CISCO-SA-CUCM-SSRF-CXPNHCW
ID
CISCO-SA-CUCM-SSRF-CXPNHCW
CISCO-SA-CUCM-SSRF-CXPNHCW
Date
Activity
Source
Cisco
Cisco
Vendor
Cisco
Cisco
Threat
critical
critical
Summary
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to conduct server-side request forgery (SSRF) attacks through an affected device. This vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by…
Product
Cisco Unified Communications Manager Server-Side Request Forgery
What to do
General, cautious steps (verify details in the official source):
- Prioritize patching or mitigation immediately (treat as actively risky).
- Identify affected product versions in your inventory and verify whether you are impacted.
- Apply vendor patches/updates or recommended mitigations as soon as available.
- Read the official advisory for exact affected versions and remediation steps.