Cisco unified communications manager
This hub aggregates every CVE we track for Cisco unified communications manager, a product in the communications space. Use it to gauge the current risk picture and drill into individual advisories.
60
CVEs tracked
3
Critical
12
High
1
In CISA KEV
Severity distribution
MEDIUM45HIGH12CRITICAL3
Monthly trend
0
2
0
0
3
0
0
0
0
0
1
1
1
0
1
1
0
0
1
0
0
0
0
1
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Cisco unified communications manager.
- CVE-2026-20230A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote atta...8.6
- CVE-2026-20045Cisco Unified Communications Products Remote Code Execution VulnerabilityKEV8.2
- CVE-2025-20361Cisco Unified Communications Manager Stored Cross-Site Scripting Vulnerability4.8
- CVE-2025-20326Cisco Unified Communications Manager Cross-Site Request Forgery Vulnerability4.3
- CVE-2025-20309Cisco Unified Communications Manager Static SSH Credentials Vulnerability10.0
- CVE-2025-20278Cisco Unified Communications Products Command Injection Vulnerability6.0
- CVE-2025-20112Cisco Unified Communications Products Privilege Escalation Vulnerability5.1
- CVE-2020-3420Cisco Unified Communications Manager Stored Cross-Site Scripting Vulnerability5.4
- CVE-2020-3532Cisco Unified Communications Products Cross-Site Scripting Vulnerability6.1
- CVE-2024-20511Cisco Unified Communications Manager Cross-Site Scripting Vulnerability6.1
- CVE-2024-20488Cisco Unified Communications Manager Cross-Site Scripting Vulnerability6.1
- CVE-2024-20375A vulnerability in the SIP call processing function of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could a...8.6
- CVE-2024-20253A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This ...9.9
- CVE-2023-20259A vulnerability in an API endpoint of multiple Cisco Unified Communications Products could allow an unauthenticated, remote attacker to cause high CPU utilization, which could impact access to the ...8.6
- CVE-2023-20266A vulnerability in Cisco Emergency Responder, Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unity Co...6.5
Product normalization is registry-driven with AI assist and human review. How it works