Server-Side Request Forgery (SSRF) in Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition - CVE-2026-20230

Published: June 4, 2026


Vulnerability identifier: #VU133306
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:N/SC:L/SI:L/SA:N/E:U/U:Amber
CVE-ID: CVE-2026-20230
CWE-ID: CWE-918
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Cisco Systems, Inc.
Affected software:
Cisco Unified Communications Manager
Cisco Unified Communications Manager Session Management Edition

Detailed vulnerability description

The vulnerability allows a remote attacker to write files to the underlying operating system.

The vulnerability exists due to server-side request forgery (SSRF) in the WebDialer service when it handles HTTP requests. A remote attacker can send a crafted HTTP request that causes the service to write files to the underlying operating system.

Only instances with the WebDialer service enabled are vulnerable. The written files could be used later to elevate privileges to root.
How to mitigate CVE-2026-20230

Install the security update from the vendor's website.