Zurück zur Liste

Cisco Unified Communications Manager Server-Side Request Forgery Vulnerability — CISCO-SA-CUCM-SSRF-CXPNHCW

Cisco · Cisco · CISCO-SA-CUCM-SSRF-CXPNHCW

ID
CISCO-SA-CUCM-SSRF-CXPNHCW

Datum
2026-06-03

Activity
2026-06-03

Quelle
Cisco

Vendor
Cisco

Risiko
critical

Zusammenfassung

A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to conduct server-side request forgery (SSRF) attacks through an affected device. This vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by…

Produkt

Cisco Unified Communications Manager Server-Side Request Forgery

Was tun?

Allgemeine, vorsichtige Schritte (bitte prüfe die offizielle Quelle für Details):

Priorisiere sofort Patches oder Mitigations (hohes akutes Risiko).
Identifiziere betroffene Produktversionen und prüfe, ob du betroffen bist.
Spiele Hersteller-Updates/Patches ein oder setze empfohlene Mitigations um.
Lies das offizielle Advisory für betroffene Versionen und konkrete Schritte.

Offizielles Advisory

Mehr dazu

Cisco Cisco 2026-W23

Cisco Catalyst SD-WAN Manager Authenticated Privilege Escalation Vulnerability

2026-06-12 CISCO-SA-SDWAN-PRIVESC-4UXFRDZX

mediumCisco Cisco 2026-W24

Arbitrary Code Execution via Crafted Keras Config for Model Loading

2026-06-06 CVE-2025-1550

highGitHub GitHub 2026-W23

Cross-site Scripting (XSS) in mindsdb/mindsdb

2026-06-06 CVE-2024-3575

mediumGitHub GitHub 2026-W23

Django has an Improper Handling of Length Parameter Inconsistency

2026-06-06 CVE-2026-5766

mediumGitHub GitHub 2026-W23

Django Uses Cache Containing Sensitive Information

2026-06-06 CVE-2026-6907

lowGitHub GitHub 2026-W23

Django vulnerable to privilege abuse in GenericInlineModelAdmin

2026-06-06 CVE-2026-4277

lowGitHub GitHub 2026-W23