THREATOPS
THREAT OPSThreat News › Cisco Unified Communications Manager Server-Side Request Forgery Vulnerability

Cisco Unified Communications Manager Server-Side Request Forgery Vulnerability

lowcisco_psirtPublished 2026-07-01

<p>A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to conduct server-side request forgery (SSRF) attacks through an affected device.</p> <p>This vulnerability is due to improper input validation for specific HTTP requests. An attacker could explo

Indicators of compromise

Original source: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-ssrf-cXPnHcW?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco%20Unified%20Communications%20Manager%20Server-Side%20Request%20Forgery%20Vulnerability%26vs_k=1