Security News > 2024 > January > Cisco Fixes High-Risk Vulnerability Impacting Unity Connection Software

Cisco Fixes High-Risk Vulnerability Impacting Unity Connection Software
2024-01-11 04:55

Cisco has released software updates to address a critical security flaw impacting Unity Connection that could permit an adversary to execute arbitrary commands on the underlying system. Tracked as CVE-2024-20272 (CVSS score: 7.3), the vulnerability is an arbitrary file upload bug residing in the web-based management interface and is the result of a lack of authentication in a specific


News URL

https://thehackernews.com/2024/01/cisco-fixes-high-risk-vulnerability.html

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2024-01-17 CVE-2024-20272 Unspecified vulnerability in Cisco Unity Connection
A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to upload arbitrary files to an affected system and execute commands on the underlying operating system.
network
low complexity
cisco
critical
 9.8
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Cisco 4398 230 3044 1817 593 5684