Cisco Cisco Unity Connection
31 CVEs affecting Cisco Cisco Unity Connection. Latest disclosed: 2026-05-06. Critical: 1, High: 6.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-20253 | Critical | 9.9 | 2024-01-26 | A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an unauthenticated, remote attacker to execute arbit… |
CVE-2026-20034 | High | 8.8 | 2026-05-06 | A vulnerability in the web-based management interface of Cisco Unity Connection could allow an authenticated, remote attacker to execute arbitrary code on an a… |
CVE-2021-1362 | High | 8.8 | 2021-04-08 | A vulnerability in the SOAP API endpoint of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unifie… |
CVE-2023-20259 | High | 8.6 | 2023-10-04 | A vulnerability in an API endpoint of multiple Cisco Unified Communications Products could allow an unauthenticated, remote attacker to cause high CPU utilizat… |
CVE-2026-20045 | High | 8.2 | 2026-01-21 | A vulnerability in Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), Cisco U… |
CVE-2024-20272 | High | 7.3 | 2024-01-17 | A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to upload arbitrary files to an… |
CVE-2026-20035 | High | 7.2 | 2026-05-06 | A vulnerability in the web UI of Cisco Unity Connection Web Inbox could allow an unauthenticated, remote attacker to conduct SSRF attacks through an affected d… |
CVE-2026-20081 | Medium | 6.5 | 2026-04-15 | Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To e… |
CVE-2026-20078 | Medium | 6.5 | 2026-04-15 | Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To e… |
CVE-2023-20266 | Medium | 6.5 | 2023-08-30 | A vulnerability in Cisco Emergency Responder, Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Editio… |
CVE-2026-20059 | Medium | 6.1 | 2026-04-15 | A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a reflected XSS atta… |
CVE-2020-3532 | Medium | 6.1 | 2024-11-18 | A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Managemen… |
CVE-2022-20800 | Medium | 6.1 | 2022-07-06 | A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Manage… |
CVE-2021-1409 | Medium | 6.1 | 2021-04-08 | Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager IM &a… |
CVE-2021-1408 | Medium | 6.1 | 2021-04-08 | Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager IM &a… |
CVE-2021-1407 | Medium | 6.1 | 2021-04-08 | Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager IM &a… |
CVE-2021-1380 | Medium | 6.1 | 2021-04-08 | Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager IM &a… |
CVE-2020-3282 | Medium | 6.1 | 2020-07-02 | A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition… |
CVE-2019-12707 | Medium | 6.1 | 2019-10-02 | A vulnerability in the web-based interface of multiple Cisco Unified Communications products could allow an unauthenticated, remote attacker to conduct a cross… |
CVE-2019-1685 | Medium | 6.1 | 2019-02-21 | A vulnerability in the Security Assertion Markup Language (SAML) single sign-on (SSO) interface of Cisco Unity Connection could allow an unauthenticated, remot… |