CVE-2026-20230
Cisco Unified Communications Manager Server-Side Request Forgery (SSRF) Vulnerability
⚠ KEV
Description
Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) contain a server-side request forgery (SSRF) Vulnerability that could allow an unauthenticated, remote attacker to write files to the underlying operating system that could be used later to elevate to root.
How to fix CVE-2026-20230
No package mapping is available — consult the references below for vendor-specific guidance.
Is CVE-2026-20230 being exploited?
Yes — CVE-2026-20230 is on the CISA Known Exploited Vulnerabilities (KEV) catalog. Patch immediately.
Affected packages (0)
No package mapping in OSV.