CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-20045

A vulnerability in Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), Cisco Unity Connection, and Cisco Webex Calling Dedicated Instance could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device.  This vulnerability is due to improper validation of user-supplied input in HTTP requests. An attacker could exploit this vulnerability by sending a sequence of crafted HTTP requests to the web-based management interface of an affected device. A successful exploit could allow the attacker to obtain user-level access to the underlying operating system and then elevate privileges to root. Note: Cisco has assigned this security advisory a Security Impact Rating (SIR) of Critical rather than High as the score indicates. The reason is that exploitation of this vulnerability could result in an attacker elevating privileges to root.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.018

EPSS Ranking 82.2%

CVSS Severity

CVSS v3 Score 8.2

Proposed Action

Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), Cisco Unity Connection, and Cisco Webex Calling Dedicated Instance contain a code injection vulnerability that could allow the attacker to obtain user-level access to the underlying operating system and then elevate privileges to root.

Ransomware Campaign

Unknown

References

Products affected by CVE-2026-20045

Cisco » Unified Communications Manager » Version: 12.5

cpe:2.3:a:cisco:unified_communications_manager:12.5
Cisco » Unified Communications Manager » Version: 12.5(1)

cpe:2.3:a:cisco:unified_communications_manager:12.5(1)
Cisco » Unified Communications Manager » Version: 12.5(1)su1

cpe:2.3:a:cisco:unified_communications_manager:12.5(1)su1
Cisco » Unified Communications Manager » Version: 12.5(1)su2

cpe:2.3:a:cisco:unified_communications_manager:12.5(1)su2
Cisco » Unified Communications Manager » Version: 12.5(1)su3

cpe:2.3:a:cisco:unified_communications_manager:12.5(1)su3
Cisco » Unified Communications Manager » Version: 12.5(1)su4

cpe:2.3:a:cisco:unified_communications_manager:12.5(1)su4
Cisco » Unified Communications Manager » Version: 12.5(1)su5

cpe:2.3:a:cisco:unified_communications_manager:12.5(1)su5
Cisco » Unified Communications Manager » Version: 12.5(1)su6

cpe:2.3:a:cisco:unified_communications_manager:12.5(1)su6
Cisco » Unified Communications Manager » Version: 12.5(1)su7

cpe:2.3:a:cisco:unified_communications_manager:12.5(1)su7
Cisco » Unified Communications Manager » Version: 12.5(1.10000.22)

cpe:2.3:a:cisco:unified_communications_manager:12.5(1.10000.22)
Cisco » Unified Communications Manager » Version: 12.5.1su8

cpe:2.3:a:cisco:unified_communications_manager:12.5.1su8
Cisco » Unified Communications Manager » Version: 12.6

cpe:2.3:a:cisco:unified_communications_manager:12.6
Cisco » Unified Communications Manager » Version: 12.6(1)

cpe:2.3:a:cisco:unified_communications_manager:12.6(1)
Cisco » Unified Communications Manager » Version: 14.0

cpe:2.3:a:cisco:unified_communications_manager:14.0
Cisco » Unified Communications Manager » Version: 14.0(1.10000.20)

cpe:2.3:a:cisco:unified_communications_manager:14.0(1.10000.20)
Cisco » Unified Communications Manager » Version: 14.0su2a

cpe:2.3:a:cisco:unified_communications_manager:14.0su2a
Cisco » Unified Communications Manager » Version: 14su1

cpe:2.3:a:cisco:unified_communications_manager:14su1
Cisco » Unified Communications Manager » Version: 14su2

cpe:2.3:a:cisco:unified_communications_manager:14su2
Cisco » Unified Communications Manager » Version: 14su3

cpe:2.3:a:cisco:unified_communications_manager:14su3
Cisco » Unified Communications Manager » Version: 15.0.1.13010-1

cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13010-1
Cisco » Unified Communications Manager » Version: 15.0.1.13011-1

cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13011-1
Cisco » Unified Communications Manager » Version: 15.0.1.13012-1

cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13012-1
Cisco » Unified Communications Manager » Version: 15.0.1.13013-1

cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13013-1
Cisco » Unified Communications Manager » Version: 15.0.1.13014-1

cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13014-1
Cisco » Unified Communications Manager » Version: 15.0.1.13015-1

cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13015-1
Cisco » Unified Communications Manager » Version: 15.0.1.13016-1

cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13016-1
Cisco » Unified Communications Manager » Version: 15.0.1.13017-1

cpe:2.3:a:cisco:unified_communications_manager:15.0.1.13017-1
Cisco » Unified Communications Manager Im And Presence Service » Version: Any

cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:*
Cisco » Unified Communications Manager Im And Presence Service » Version: 12.5

cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:12.5
Cisco » Unified Communications Manager Im And Presence Service » Version: 12.5(1)

cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:12.5(1)
Cisco » Unified Communications Manager Im And Presence Service » Version: 12.5(1)su1

cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:12.5(1)su1
Cisco » Unified Communications Manager Im And Presence Service » Version: 12.5(1)su2

cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:12.5(1)su2
Cisco » Unified Communications Manager Im And Presence Service » Version: 12.5(1)su3

cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:12.5(1)su3
Cisco » Unified Communications Manager Im And Presence Service » Version: 12.5(1)su4

cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:12.5(1)su4
Cisco » Unified Communications Manager Im And Presence Service » Version: 12.5(1)su5

cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:12.5(1)su5
Cisco » Unified Communications Manager Im And Presence Service » Version: 12.5(1)su6

cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:12.5(1)su6
Cisco » Unified Communications Manager Im And Presence Service » Version: 12.5(1)su7

cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:12.5(1)su7
Cisco » Unified Communications Manager Im And Presence Service » Version: 12.5(1)su8

cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:12.5(1)su8
Cisco » Unified Communications Manager Im And Presence Service » Version: 12.5(1)su9

cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:12.5(1)su9
Cisco » Unified Communications Manager Im And Presence Service » Version: 12.5su8

cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:12.5su8
Cisco » Unified Communications Manager Im And Presence Service » Version: 14.0

cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:14.0
Cisco » Unified Communications Manager Im And Presence Service » Version: 14.0(1)

cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:14.0(1)
Cisco » Unified Communications Manager Im And Presence Service » Version: 14.0su1

cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:14.0su1
Cisco » Unified Communications Manager Im And Presence Service » Version: 14.0su2

cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:14.0su2
Cisco » Unified Communications Manager Im And Presence Service » Version: 14.0su2a

cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:14.0su2a
Cisco » Unified Communications Manager Im And Presence Service » Version: 14.0su4

cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:14.0su4
Cisco » Unified Communications Manager Im And Presence Service » Version: 14su

cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:14su
Cisco » Unity Connection » Version: 12.5

cpe:2.3:a:cisco:unity_connection:12.5
Cisco » Unity Connection » Version: 12.5(1)

cpe:2.3:a:cisco:unity_connection:12.5(1)
Cisco » Unity Connection » Version: 12.5(1)su1

cpe:2.3:a:cisco:unity_connection:12.5(1)su1
Cisco » Unity Connection » Version: 12.5(1)su2

cpe:2.3:a:cisco:unity_connection:12.5(1)su2
Cisco » Unity Connection » Version: 12.5(1)su3

cpe:2.3:a:cisco:unity_connection:12.5(1)su3
Cisco » Unity Connection » Version: 12.5(1)su4

cpe:2.3:a:cisco:unity_connection:12.5(1)su4
Cisco » Unity Connection » Version: 12.5(1)su5

cpe:2.3:a:cisco:unity_connection:12.5(1)su5
Cisco » Unity Connection » Version: 12.5(1)su6

cpe:2.3:a:cisco:unity_connection:12.5(1)su6
Cisco » Unity Connection » Version: 12.5(1)su7

cpe:2.3:a:cisco:unity_connection:12.5(1)su7
Cisco » Unity Connection » Version: 12.5(1)su8

cpe:2.3:a:cisco:unity_connection:12.5(1)su8
Cisco » Unity Connection » Version: 12.5(1)su8a

cpe:2.3:a:cisco:unity_connection:12.5(1)su8a
Cisco » Unity Connection » Version: 12.5(1)su9

cpe:2.3:a:cisco:unity_connection:12.5(1)su9
Cisco » Unity Connection » Version: 12.5su2

cpe:2.3:a:cisco:unity_connection:12.5su2
Cisco » Unity Connection » Version: 14.0

cpe:2.3:a:cisco:unity_connection:14.0
Cisco » Unity Connection » Version: 14su1

cpe:2.3:a:cisco:unity_connection:14su1
Cisco » Unity Connection » Version: 14su2

cpe:2.3:a:cisco:unity_connection:14su2
Cisco » Unity Connection » Version: 14su3

cpe:2.3:a:cisco:unity_connection:14su3
Cisco » Unity Connection » Version: 15.0

cpe:2.3:a:cisco:unity_connection:15.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-20045

Products

Pricing

Contact Us